Executive Summary

Informations
Name CVE-2017-14798 First vendor Publication 2018-03-01
Vendor Cve Last vendor Modification 2019-10-03

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 7
Base Score 7 Environmental Score 7
impact SubScore 5.9 Temporal Score 7
Exploitabality Sub Score 1
 
Attack Vector Local Attack Complexity High
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.9 Attack Range Local
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14798

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-362 Race Condition

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 335
Os 1

Sources (Detail)

Source Url
CONFIRM https://bugzilla.suse.com/show_bug.cgi?id=1062722
https://www.suse.com/de-de/security/cve/CVE-2017-14798/
EXPLOIT-DB https://www.exploit-db.com/exploits/45184/
SUSE http://lists.suse.com/pipermail/sle-security-updates/2017-November/003420.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
Date Informations
2020-05-23 02:03:15
  • Multiple Updates
2020-05-23 00:56:12
  • Multiple Updates
2019-10-03 09:20:06
  • Multiple Updates
2019-06-13 12:08:38
  • Multiple Updates
2019-04-03 12:07:12
  • Multiple Updates
2018-10-19 12:08:01
  • Multiple Updates
2018-08-15 17:19:42
  • Multiple Updates
2018-07-13 12:08:16
  • Multiple Updates
2018-05-16 12:06:08
  • Multiple Updates
2018-03-26 21:20:19
  • Multiple Updates
2018-03-02 05:18:51
  • First insertion