World-readable permission on copy of sosreport file in ABRT problem directories allows unauthorized access to sensitive information
CVE-2015-1870 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information from /var/log/messages via unspecified vectors.
Learn more about our User Device Pen Test.