Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 08/06/2018 Updated: 07/11/2023

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allowing an authenticated malicious user to add or remove user roles from packages and/or project meta data.

Vulnerable Product	Search on Vulmon	Subscribe to Product
opensuse open build service

CWE-275 https://bugzilla.suse.com/show_bug.cgi?id=828256 https://github.com/openSUSE/open-build-service/commit/06ad7fdbdd7eb2fef8947d14c4cdd00d8f6387b1 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-3703

Vulnerability Summary

References

Vulmon Search

About

Products

Connect