How severe is CVE-2018-6556?

This vulnerability has a severity rating of LOW with a CVSS score of 3.3 out of 10.

What type of vulnerability is CVE-2018-6556?

This is classified as CWE-417, which is a common weakness in software security.

CVE-2018-6556 - LOW Severity | CVSS 3.3

Vulnerability Description

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2.

Related Vulnerabilities

CVE-2017-8822

LOW

CVSS:3.7(Low)

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick the...

CWE-4172017

CVE-2017-1000197

CRITICAL

CVSS:9.8(Critical)

October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server.

CWE-4172017

CVE-2019-9855

CRITICAL

CVSS:9.8(Critical)

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice ...

CWE-4172019

CVE-2017-6520

CRITICAL

CVSS:9.1(Critical)

The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvertently responds to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a den...

CWE-4172017

CVE-2017-7760

HIGH

CVSS:7.8(High)

The Mozilla Windows updater modifies some files to be updated by reading the original file and applying changes to it. The location of the original file can be altered by a malicious user by passing a...

CWE-4172017

CVE-2016-9879

HIGH

CVSS:7.5(High)

An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does not consider URL path parameters when processing security constraints...

CWE-4172016