OpenSUSE Open Build Service Vulnerability: Unauthorized Modification of Sources

OpenSUSE Open Build Service Vulnerability: Unauthorized Modification of Sources

CVE-2018-7688 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.