VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-n9v7-sg5s-aaac

Essentials
Severities (111)
References (34)
Severity details (24)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-n9v7-sg5s-aaac
Aliases	(+ CVE-2017-2616 fix) regression
Summary	A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-362	Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-267	Privilege Defined With Unsafe Actions

System	Score	Found at
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-2616.html
cvssv3	5.5	http://rhn.redhat.com/errata/RHSA-2017-0654.html
ssvc	Track	http://rhn.redhat.com/errata/RHSA-2017-0654.html
rhas	Moderate	https://access.redhat.com/errata/RHSA-2017:0654
cvssv3	5.5	https://access.redhat.com/errata/RHSA-2017:0907
ssvc	Track	https://access.redhat.com/errata/RHSA-2017:0907
cvssv3	5.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2616.json
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00032	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
epss	0.00042	https://api.first.org/data/v1/epss?cve=CVE-2017-2616
rhbs	medium	https://bugzilla.redhat.com/show_bug.cgi?id=1418710
cvssv3	5.5	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616
ssvc	Track	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
cvssv3	5.5	https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891
ssvc	Track	https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891
cvssv2	4.7	https://nvd.nist.gov/vuln/detail/CVE-2017-2616
cvssv3	4.7	https://nvd.nist.gov/vuln/detail/CVE-2017-2616
cvssv3	5.5	https://security.gentoo.org/glsa/201706-02
ssvc	Track	https://security.gentoo.org/glsa/201706-02
generic_textual	Medium	https://ubuntu.com/security/notices/USN-3276-1
generic_textual	Medium	https://ubuntu.com/security/notices/USN-3276-3
cvssv3	5.5	https://www.debian.org/security/2017/dsa-3793
ssvc	Track	https://www.debian.org/security/2017/dsa-3793
cvssv3	5.5	http://www.securityfocus.com/bid/96404
ssvc	Track	http://www.securityfocus.com/bid/96404
cvssv3	5.5	http://www.securitytracker.com/id/1038271
ssvc	Track	http://www.securitytracker.com/id/1038271

Reference id	Reference type	URL
		http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-2616.html
		http://rhn.redhat.com/errata/RHSA-2017-0654.html
		https://access.redhat.com/errata/RHSA-2017:0907
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2616.json
		https://api.first.org/data/v1/epss?cve=CVE-2017-2616
		https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
		https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891
		https://security.gentoo.org/glsa/201706-02
		https://ubuntu.com/security/notices/USN-3276-1
		https://ubuntu.com/security/notices/USN-3276-3
		https://www.debian.org/security/2017/dsa-3793
		http://www.securityfocus.com/bid/96404
		http://www.securitytracker.com/id/1038271
1418710		https://bugzilla.redhat.com/show_bug.cgi?id=1418710
855943		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855943
cpe:2.3:a:util-linux_project:util-linux::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:util-linux_project:util-linux::::::::
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2017-2616		https://nvd.nist.gov/vuln/detail/CVE-2017-2616
RHSA-2017:0654		https://access.redhat.com/errata/RHSA-2017:0654
USN-3276-1		https://usn.ubuntu.com/3276-1/
USN-3276-3		https://usn.ubuntu.com/3276-3/

No exploits are available.

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at http://rhn.redhat.com/errata/RHSA-2017-0654.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/ Found at http://rhn.redhat.com/errata/RHSA-2017-0654.html

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2017:0907

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/ Found at https://access.redhat.com/errata/RHSA-2017:0907

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2616.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2616

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/ Found at https://github.com/karelzak/util-linux/commit/dffab154d29a288aa171ff50263ecc8f2e14a891

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2017-2616

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2017-2616

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://security.gentoo.org/glsa/201706-02

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/ Found at https://security.gentoo.org/glsa/201706-02

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2017/dsa-3793

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/ Found at https://www.debian.org/security/2017/dsa-3793

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at http://www.securityfocus.com/bid/96404

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/ Found at http://www.securityfocus.com/bid/96404

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at http://www.securitytracker.com/id/1038271

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:37:36Z/ Found at http://www.securitytracker.com/id/1038271

Exploit Prediction Scoring System (EPSS)

Percentile	0.07446
EPSS Score	0.00031
Published At	May 23, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.