CVE-2021-46705

Medium

A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local…

suse·CWE-377·Published 2022-03-16

CVSS

4.4

EPSS

0.00

KEV

Exploits

cve.orgen

324 chars

A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1.

NVDen

324 chars

NVDes

356 chars

Una vulnerabilidad de Archivos Temporales no Seguros en grub-once de grub2 en SUSE Linux Enterprise Server 15 SP4, openSUSE Factory permite a atacantes locales truncar archivos arbitrarios. Este problema afecta a: SUSE Linux Enterprise Server 15 SP4 grub2 versiones anteriores a 2.06-150400.7.1. SUSE openSUSE Factory grub2 versiones anteriores a 2.06-18.1

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:P/A:N
3.1	Primary	cve.org	5.1	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
3.1	Primary	cve.org	5.1	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
3.1	Primary	NVD	4.4	1.8	2.5	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
3.1	Secondary	NVD	5.1	2.5	2.5	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L