vulnerability

CentOS Linux: CVE-2019-3696: Low: pcp security, bug fix, and enhancement update (CESA-2020:3869)

Try Surface Command
Back to search
Severity
7
CVSS
(AV:L/AC:M/Au:S/C:C/I:C/A:C)
Published
Mar 3, 2020
Added
Oct 1, 2020
Modified
Jan 28, 2025

Description

A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local user pcp to overwrite arbitrary files with arbitrary content. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1.

Solution(s)

centos-upgrade-pcpcentos-upgrade-pcp-confcentos-upgrade-pcp-debuginfocentos-upgrade-pcp-develcentos-upgrade-pcp-doccentos-upgrade-pcp-export-pcp2elasticsearchcentos-upgrade-pcp-export-pcp2graphitecentos-upgrade-pcp-export-pcp2influxdbcentos-upgrade-pcp-export-pcp2jsoncentos-upgrade-pcp-export-pcp2sparkcentos-upgrade-pcp-export-pcp2xmlcentos-upgrade-pcp-export-pcp2zabbixcentos-upgrade-pcp-export-zabbix-agentcentos-upgrade-pcp-guicentos-upgrade-pcp-import-collectl2pcpcentos-upgrade-pcp-import-ganglia2pcpcentos-upgrade-pcp-import-iostat2pcpcentos-upgrade-pcp-import-mrtg2pcpcentos-upgrade-pcp-import-sar2pcpcentos-upgrade-pcp-libscentos-upgrade-pcp-libs-develcentos-upgrade-pcp-managercentos-upgrade-pcp-pmda-activemqcentos-upgrade-pcp-pmda-apachecentos-upgrade-pcp-pmda-bashcentos-upgrade-pcp-pmda-bcccentos-upgrade-pcp-pmda-bind2centos-upgrade-pcp-pmda-bondingcentos-upgrade-pcp-pmda-cifscentos-upgrade-pcp-pmda-ciscocentos-upgrade-pcp-pmda-dbpingcentos-upgrade-pcp-pmda-dmcentos-upgrade-pcp-pmda-dockercentos-upgrade-pcp-pmda-ds389centos-upgrade-pcp-pmda-ds389logcentos-upgrade-pcp-pmda-elasticsearchcentos-upgrade-pcp-pmda-gfs2centos-upgrade-pcp-pmda-glustercentos-upgrade-pcp-pmda-gpfscentos-upgrade-pcp-pmda-gpsdcentos-upgrade-pcp-pmda-haproxycentos-upgrade-pcp-pmda-infinibandcentos-upgrade-pcp-pmda-jsoncentos-upgrade-pcp-pmda-libvirtcentos-upgrade-pcp-pmda-liocentos-upgrade-pcp-pmda-lmsensorscentos-upgrade-pcp-pmda-loggercentos-upgrade-pcp-pmda-lustrecentos-upgrade-pcp-pmda-lustrecommcentos-upgrade-pcp-pmda-mailqcentos-upgrade-pcp-pmda-memcachecentos-upgrade-pcp-pmda-miccentos-upgrade-pcp-pmda-mountscentos-upgrade-pcp-pmda-mysqlcentos-upgrade-pcp-pmda-namedcentos-upgrade-pcp-pmda-netfiltercentos-upgrade-pcp-pmda-newscentos-upgrade-pcp-pmda-nfsclientcentos-upgrade-pcp-pmda-nginxcentos-upgrade-pcp-pmda-nvidia-gpucentos-upgrade-pcp-pmda-oraclecentos-upgrade-pcp-pmda-pdnscentos-upgrade-pcp-pmda-perfeventcentos-upgrade-pcp-pmda-postfixcentos-upgrade-pcp-pmda-postgresqlcentos-upgrade-pcp-pmda-prometheuscentos-upgrade-pcp-pmda-rediscentos-upgrade-pcp-pmda-roomtempcentos-upgrade-pcp-pmda-rpmcentos-upgrade-pcp-pmda-rsyslogcentos-upgrade-pcp-pmda-sambacentos-upgrade-pcp-pmda-sendmailcentos-upgrade-pcp-pmda-shpingcentos-upgrade-pcp-pmda-slurmcentos-upgrade-pcp-pmda-smartcentos-upgrade-pcp-pmda-snmpcentos-upgrade-pcp-pmda-summarycentos-upgrade-pcp-pmda-systemdcentos-upgrade-pcp-pmda-tracecentos-upgrade-pcp-pmda-unboundcentos-upgrade-pcp-pmda-vmwarecentos-upgrade-pcp-pmda-weblogcentos-upgrade-pcp-pmda-zimbracentos-upgrade-pcp-pmda-zswapcentos-upgrade-pcp-selinuxcentos-upgrade-pcp-system-toolscentos-upgrade-pcp-testsuitecentos-upgrade-pcp-webapicentos-upgrade-pcp-webapp-blinkenlightscentos-upgrade-pcp-webapp-grafanacentos-upgrade-pcp-webapp-graphitecentos-upgrade-pcp-webapp-vectorcentos-upgrade-pcp-webjscentos-upgrade-pcp-zeroconfcentos-upgrade-perl-pcp-logimportcentos-upgrade-perl-pcp-logsummarycentos-upgrade-perl-pcp-mmvcentos-upgrade-perl-pcp-pmdacentos-upgrade-python-pcp

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today