How severe is CVE-2019-3698?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2019-3698?

This is classified as CWE-59, which is a common weakness in software security.

CVE-2019-3698

HIGH Year: 2019

CVSS v3 Score

7.0

High

CVSS v2 Score

6.9

Medium

Weakness Type

CWE-59

View all →

Vulnerability Description

UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue affects: SUSE Linux Enterprise Server 12 nagios version 3.5.1-5.27 and prior versions. SUSE Linux Enterprise Server 11 nagios version 3.0.6-1.25.36.3.1 and prior versions. openSUSE Factory nagios version 4.4.5-2.1 and prior versions.

CVE-2004-0217

HIGH

CVSS:7.0(High)

The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpd...

CWE-592004

CVE-2009-1143

HIGH

CVSS:7.0(High)

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in moun...

CWE-592009

CVE-2016-6664

HIGH

CVSS:7.0(High)

mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona...

CWE-592016

CVE-2018-6557

HIGH

CVSS:7.0(High)

The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and Ubuntu 18.10 before 10.1ubuntu6 incorrectly handled temporary files. A local attacker could use this issu...

CWE-592018

CVE-2019-13226

HIGH

CVSS:7.0(High)

deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. An unprivileg...

CWE-592019

CVE-2019-18932

HIGH

CVSS:7.0(High)

log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directo...

CWE-592019

CVE-2019-3698

Vulnerability Description

Related Vulnerabilities

CVE-2004-0217

CVE-2009-1143

CVE-2016-6664

CVE-2018-6557

CVE-2019-13226

CVE-2019-18932