CVE-2011-4181

Description

A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2.1) and before version 2.3.

CVSS breakdown

CVSS 3.0

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected products

SUSE / Open Build Serviceunspecified – 2.1.15
SUSE / Open Build Serviceunspecified – 2.3

References

PATCHhttps://github.com/openSUSE/open-build-service/commit/5281e4bff9df31f1f91e22a0d1e9086b93b23d7e
MISChttps://bugzilla.suse.com/show_bug.cgi?id=734003