Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
suddoers configuration for cscreen not restrictive enough
Vulnerability Description
A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
cscreen 安全漏洞
Vulnerability Description
cscreen是一个开源工具。允许在一个屏幕会话中运行多个控制台。非常适合在一个屏幕实例中监控和记录数据中心中的所有串行控制台。 cscreen 存在安全漏洞,该漏洞允许任何本地用户获得 tty 和 dialout 组的权限,并访问和操纵任何正在运行的 cscreen 访问。
CVSS Information
N/A
Vulnerability Type
N/A