CVE-2019-3687

LOW Year: 2019
CVSS v3 Score
3.3
Low
CVSS v2 Score
1.9
Low
Weakness Type
CWE-276
View all →

Vulnerability Description

The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e017f8ab7f8602d3163786d57344439 to 081d081dcfaf61710bda34bc21c80c66276119aa.

Related Vulnerabilities

CVE-2019-17052

LOW
CVSS:3.3(Low)

ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CI...

CWE-2762019

CVE-2019-17053

LOW
CVSS:3.3(Low)

ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw so...

CWE-2762019

CVE-2019-17054

LOW
CVSS:3.3(Low)

atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka ...

CWE-2762019

CVE-2019-17056

LOW
CVSS:3.3(Low)

llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CI...

CWE-2762019

CVE-2019-18900

LOW
CVSS:3.3(Low)

: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used...

CWE-2762019

CVE-2020-11867

LOW
CVSS:3.3(Low)

Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and ...

CWE-2762020