CVE-2017-7500

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7500

https://github.com/rpm-software-management/rpm/commit/c815822c8bdb138066ff58c624ae83e3a12ebfa9

https://github.com/rpm-software-management/rpm/commit/f2d3be2a8741234faaa96f5fd05fdfdc75779a79

Details

Source: MITRE

Published: 2018-08-13

Updated: 2019-10-09

Type: CWE-59

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (12 total)

IDNameProductFamilySeverity
132193EulerOS 2.0 SP3 : rpm (EulerOS-SA-2019-2658)NessusHuawei Local Security Checks
high
131876EulerOS 2.0 SP2 : rpm (EulerOS-SA-2019-2384)NessusHuawei Local Security Checks
high
123243openSUSE Security Update : rpm (openSUSE-2019-564)NessusSuSE Local Security Checks
high
122006Photon OS 2.0: Rpm PHSA-2018-2.0-0108NessusPhotonOS Local Security Checks
critical
121897Photon OS 1.0: Rpm PHSA-2018-1.0-0194NessusPhotonOS Local Security Checks
critical
120062SUSE SLED15 / SLES15 Security Update : rpm (SUSE-SU-2018:2073-1)NessusSuSE Local Security Checks
high
119145SUSE SLED12 / SLES12 Security Update : rpm (SUSE-SU-2018:3884-1)NessusSuSE Local Security Checks
high
118382openSUSE Security Update : rpm (openSUSE-2018-1246)NessusSuSE Local Security Checks
high
118319SUSE SLED12 / SLES12 Security Update : rpm (SUSE-SU-2018:3286-1)NessusSuSE Local Security Checks
high
111570openSUSE Security Update : rpm (openSUSE-2018-808)NessusSuSE Local Security Checks
high
104828Fedora 25 : rpm (2017-ab57a100f3)NessusFedora Local Security Checks
high
104447Fedora 26 : rpm (2017-9232eac8e8)NessusFedora Local Security Checks
high