How severe is CVE-2017-6507?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2017-6507?

This is classified as CWE-269, which is a common weakness in software security.

CVE-2017-6507

MEDIUM Year: 2017

CVSS v3 Score

5.9

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-269

View all →

Vulnerability Description

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due to the common logic to handle 'restart' operations removing AppArmor profiles that aren't found in the typical filesystem locations, such as /etc/apparmor.d/. Userspace projects that manage their own AppArmor profiles in atypical directories, such as what's done by LXD and Docker, are affected by this flaw in the AppArmor init script logic.

CVE-2023-29056

MEDIUM

CVSS:5.9(Medium)

A valid LDAP user, under specific conditions, will default to read-only permissions when authenticating into XCC. To be vulnerable, XCC must be configured to use an LDAP server for Authentication/Auth...

CWE-2692023

CVE-2024-33500

HIGH

CVSS:5.9(Medium)

A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11.0), Mendix Applications using Mendix 10 (V10.6) (All versions < V10.6.9), Mendix Applications using Me...

CWE-2692024

CVE-2024-3470

MEDIUM

CVSS:5.9(Medium)

An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed an attacker to use a deploy key pertaining to an organization to bypass an organization ruleset. ...

CWE-2692024

CVE-2024-44439

MEDIUM

CVSS:5.9(Medium)

An issue in Shanghai Zhouma Network Technology CO., Ltd IMS Intelligent Manufacturing Collaborative Internet of Things System v.1.9.1 allows a remote attacker to escalate privileges via the open port.

CWE-2692024

CVE-2025-2324

MEDIUM

CVSS:5.9(Medium)

Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer (SFTP module) allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023....

CWE-2692025

CVE-2017-5703

MEDIUM

CVSS:6.0(Medium)

Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service.

CWE-2692017

CVE-2017-6507

Vulnerability Description

Related Vulnerabilities

CVE-2023-29056

CVE-2024-33500

CVE-2024-3470

CVE-2024-44439

CVE-2025-2324

CVE-2017-5703