CVE-2017-10600

{"id": "CVE-2017-10600", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.5}]}, "published": "2017-07-11T17:29:00.177", "references": [{"url": "https://forum.snapcraft.io/t/ownership-bug-in-ubuntu-image/1285", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://forum.snapcraft.io/t/ownership-bug-in-ubuntu-image/1285", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-384"}]}], "descriptions": [{"lang": "en", "value": "ubuntu-image 1.0 before 2017-07-07, when invoked as non-root, creates files in the resulting image with the uid of the invoking user. When the resulting image is booted, a local attacker with the same uid as the image creator has unintended access to cloud-init and snapd directories."}, {"lang": "es", "value": "ubuntu-image versi\u00f3n 1.0 anterior a versi\u00f3n 2017-07-07, cuando se invoca como no root, crea archivos en la imagen resultante con el uid del usuario que invoca. Cuando la imagen resultante es iniciada, un atacante local con el mismo uid que el creador de la imagen tiene acceso no deseado a los directorios cloud-init y snapd."}], "lastModified": "2025-04-20T01:37:25.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:canonical:ubuntu-image:1.0:2017-07-06:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1F8912A-AEE1-4713-89FF-9E9C04112176"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}