Published: 17/07/2017 Updated: 01/07/2020

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.2 | Impact Score: 3.6 | Exploitability Score: 2.5

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Race condition in Network Manager prior to 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat networkmanager

Debian Bug report logs - #820354 network-manager: CVE-2016-0764: Race conditions that could disclose connection secrets to authenticated local users Package: src:network-manager; Maintainer for src:network-manager is Utopia Maintenance Team <pkg-utopia-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso &l ...

A race condition vulnerability was discovered in NetworkManager Temporary files were created insecurely when saving or updating connection settings, which could allow local users to read connection secrets such as VPN passwords or WiFi keys ...

CWE-362 https://bugzilla.redhat.com/show_bug.cgi?id=1324025 http://rhn.redhat.com/errata/RHSA-2016-2581.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820354 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2016-0764

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-0764

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect