vulnerability

SUSE: CVE-2019-3696: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:M/Au:S/C:C/I:C/A:C)	Feb 7, 2020	Feb 8, 2020	Jan 28, 2025

Severity

CVSS

(AV:L/AC:M/Au:S/C:C/I:C/A:C)

Published

Feb 7, 2020

Added

Feb 8, 2020

Modified

Jan 28, 2025

Description

A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local user pcp to overwrite arbitrary files with arbitrary content. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1.

Solution(s)

suse-upgrade-libpcp-develsuse-upgrade-libpcp3suse-upgrade-libpcp_gui2suse-upgrade-libpcp_import1suse-upgrade-libpcp_mmv1suse-upgrade-libpcp_trace2suse-upgrade-libpcp_web1suse-upgrade-pcpsuse-upgrade-pcp-confsuse-upgrade-pcp-develsuse-upgrade-pcp-docsuse-upgrade-pcp-export-pcp2elasticsearchsuse-upgrade-pcp-export-pcp2graphitesuse-upgrade-pcp-export-pcp2influxdbsuse-upgrade-pcp-export-pcp2jsonsuse-upgrade-pcp-export-pcp2sparksuse-upgrade-pcp-export-pcp2xmlsuse-upgrade-pcp-export-pcp2zabbixsuse-upgrade-pcp-export-zabbix-agentsuse-upgrade-pcp-guisuse-upgrade-pcp-import-collectl2pcpsuse-upgrade-pcp-import-ganglia2pcpsuse-upgrade-pcp-import-iostat2pcpsuse-upgrade-pcp-import-mrtg2pcpsuse-upgrade-pcp-import-sar2pcpsuse-upgrade-pcp-managersuse-upgrade-pcp-pmda-activemqsuse-upgrade-pcp-pmda-apachesuse-upgrade-pcp-pmda-bashsuse-upgrade-pcp-pmda-bind2suse-upgrade-pcp-pmda-bondingsuse-upgrade-pcp-pmda-cifssuse-upgrade-pcp-pmda-ciscosuse-upgrade-pcp-pmda-dbpingsuse-upgrade-pcp-pmda-dmsuse-upgrade-pcp-pmda-dockersuse-upgrade-pcp-pmda-ds389suse-upgrade-pcp-pmda-ds389logsuse-upgrade-pcp-pmda-elasticsearchsuse-upgrade-pcp-pmda-gfs2suse-upgrade-pcp-pmda-glustersuse-upgrade-pcp-pmda-gpfssuse-upgrade-pcp-pmda-gpsdsuse-upgrade-pcp-pmda-haproxysuse-upgrade-pcp-pmda-infinibandsuse-upgrade-pcp-pmda-jsonsuse-upgrade-pcp-pmda-kvmsuse-upgrade-pcp-pmda-libvirtsuse-upgrade-pcp-pmda-liosuse-upgrade-pcp-pmda-lmsensorssuse-upgrade-pcp-pmda-loggersuse-upgrade-pcp-pmda-lustresuse-upgrade-pcp-pmda-lustrecommsuse-upgrade-pcp-pmda-mailqsuse-upgrade-pcp-pmda-memcachesuse-upgrade-pcp-pmda-micsuse-upgrade-pcp-pmda-mountssuse-upgrade-pcp-pmda-mysqlsuse-upgrade-pcp-pmda-namedsuse-upgrade-pcp-pmda-netfiltersuse-upgrade-pcp-pmda-newssuse-upgrade-pcp-pmda-nfsclientsuse-upgrade-pcp-pmda-nginxsuse-upgrade-pcp-pmda-nutcrackersuse-upgrade-pcp-pmda-nvidia-gpususe-upgrade-pcp-pmda-oraclesuse-upgrade-pcp-pmda-papisuse-upgrade-pcp-pmda-pdnssuse-upgrade-pcp-pmda-perfeventsuse-upgrade-pcp-pmda-postfixsuse-upgrade-pcp-pmda-prometheussuse-upgrade-pcp-pmda-redissuse-upgrade-pcp-pmda-roomtempsuse-upgrade-pcp-pmda-rpmsuse-upgrade-pcp-pmda-rsyslogsuse-upgrade-pcp-pmda-sambasuse-upgrade-pcp-pmda-sendmailsuse-upgrade-pcp-pmda-shpingsuse-upgrade-pcp-pmda-slurmsuse-upgrade-pcp-pmda-smartsuse-upgrade-pcp-pmda-snmpsuse-upgrade-pcp-pmda-summarysuse-upgrade-pcp-pmda-systemdsuse-upgrade-pcp-pmda-tracesuse-upgrade-pcp-pmda-unboundsuse-upgrade-pcp-pmda-vmwaresuse-upgrade-pcp-pmda-weblogsuse-upgrade-pcp-pmda-zimbrasuse-upgrade-pcp-pmda-zswapsuse-upgrade-pcp-system-toolssuse-upgrade-pcp-testsuitesuse-upgrade-pcp-webapisuse-upgrade-pcp-zeroconfsuse-upgrade-perl-pcp-logimportsuse-upgrade-perl-pcp-logsummarysuse-upgrade-perl-pcp-mmvsuse-upgrade-perl-pcp-pmdasuse-upgrade-python-pcpsuse-upgrade-python3-pcp

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today