Password Disclosure Vulnerability in SGI Tempo from SGI
CVE-2014-7301
6.6MEDIUM
What is CVE-2014-7301?
SGI Tempo, utilized within SGI ICE-X systems, exhibits a vulnerability due to inadequate file permissions. This flaw permits local users to access sensitive information, specifically allowing them to retrieve password hashes and potentially other confidential data from the /etc/odapw directory. This security oversight can lead to significant risks if exploited, making it imperative for system administrators to address the permissions surrounding these files urgently.