Endpoint Vulnerability

RHSA-2018:3663: sos-collector security update (Moderate)

Description

sos-collector is a utility that gathers sosreports from multi-node environments. sos-collector facilitates data collection for support cases and it can be run from either a node or from an administrator's local workstation that has network access to the environment. The following packages have been upgraded to a later upstream version: sos-collector (1.5). (BZ#1644776) Security Fix(es): * sos-collector: incorrect permissions set on newly created files (CVE-2018-14650) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Riccardo Schirone (Red Hat Product Security).

Affected Products

sos-collector

References

CVE-2018-14650,