Filesystem Exposure in Oracle Linux OSwatcher by Oracle
CVE-2021-2464

7.8HIGH

Key Information:

Vendor
Oracle
Vendor
CVE Published:
24 September 2021

Summary

A vulnerability exists within the OSwatcher component of Oracle Linux, impacting versions 7 and 8. This issue allows low-privileged attackers who are logged into the infrastructure to exploit the vulnerability, potentially leading to compromise of the Oracle Linux environment. Successful exploitation could enable unauthorized control over the system, affecting its confidentiality, integrity, and availability. Users of Oracle Linux are encouraged to apply the necessary patches and maintain vigilant security practices to safeguard against potential attacks.

Affected Version(s)

Oracle Linux 7

Oracle Linux 8

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.