CVE Vulnerabilities

CVE-2014-6276

Published: Apr 13, 2016 | Modified: Apr 12, 2025
CVSS 3.x
4.3
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details.

Affected Software

Name Vendor Start Version End Version
Roundup Roundup-tracker * 1.5.0 (including)
Roundup Ubuntu esm-apps/xenial *
Roundup Ubuntu precise *
Roundup Ubuntu trusty *
Roundup Ubuntu wily *
Roundup Ubuntu xenial *

References