VDB
CVE-2022-48258
CVE-2022-48258
PUBLISHED
CVSS 5.300000190734863 MEDIUM
In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles.
EPSS 0.23% · 45.9th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.23%
45.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| eternal_terminal_project | eternal_terminal | 6.2.1 |
| n/a | n/a | n/a |
Exploit Intelligence
- https://github.com/MisterTea/EternalTerminal/pull/556 (nist-nvd)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2RY6PKBU73I45L6YWNYCUK2XBEXEFX7L/ (circl)
- https://github.com/MisterTea/EternalTerminal/issues/555 (circl)
- [oss-security] 20230216 EternalTerminal: Review report and findings (predictable /tmp file paths and file permission issues, 3 CVEs) (circl)
- FEDORA-2024-94a155818c (circl)
- FEDORA-2024-bd9e67c117 (circl)
- FEDORA-2024-b745c97f4b (circl)
Timeline
- Jan 13, 2023 CVE Published
- Jan 13, 2023 EPSS Score
- Feb 23, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 5, 2023 EPSS Score
- May 15, 2023 EPSS Score
- Jun 25, 2023 EPSS Score
- Aug 5, 2023 EPSS Score
- Sep 15, 2023 EPSS Score
- Oct 26, 2023 EPSS Score
- Dec 5, 2023 EPSS Score
- Jan 15, 2024 EPSS Score
References
- https://github.com/MisterTea/EternalTerminal/issues/555 url
- https://github.com/MisterTea/EternalTerminal/pull/556 url
- [oss-security] 20230216 EternalTerminal: Review report and findings (predictable /tmp file paths and file permission issues, 3 CVEs) mailing-list
- FEDORA-2024-94a155818c vendor-advisory
- FEDORA-2024-bd9e67c117 vendor-advisory
- FEDORA-2024-b745c97f4b vendor-advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2RY6PKBU73I45L6YWNYCUK2XBEXEFX7L/ url
- https://nvd.nist.gov/vuln/detail/CVE-2022-48258 advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2RY6PKBU73I45L6YWNYCUK2XBEXEFX7L url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYODHZECXYFC2BNODZPZXZAXOKGMCYAP url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6MO4FSKYNSAJVUXYP7LRY7ARUIGKBFL url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2RY6PKBU73I45L6YWNYCUK2XBEXEFX7L url