Vulnerability Description
keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information.
CVSS Score
7.5
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Keepalived | Keepalived | 2.0.8 |
Related Weaknesses (CWE)
References
- https://bugzilla.suse.com/show_bug.cgi?id=1015141Issue TrackingThird Party Advisory
- https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ePatchThird Party Advisory
- https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49fPatchThird Party Advisory
- https://github.com/acassen/keepalived/issues/1048ExploitPatchThird Party Advisory
- https://security.gentoo.org/glsa/201903-01Third Party Advisory
- https://bugzilla.suse.com/show_bug.cgi?id=1015141Issue TrackingThird Party Advisory
- https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ePatchThird Party Advisory
- https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49fPatchThird Party Advisory
- https://github.com/acassen/keepalived/issues/1048ExploitPatchThird Party Advisory
- https://security.gentoo.org/glsa/201903-01Third Party Advisory
FAQ
What is CVE-2018-19045?
CVE-2018-19045 is a vulnerability with a CVSS score of 7.5 (HIGH). keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information.
How severe is CVE-2018-19045?
CVE-2018-19045 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-19045?
Check the references section above for vendor advisories and patch information. Affected products include: Keepalived Keepalived.