CVE-2017-14178

Published February 2nd, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions.

canonical/snapd

The snapd and snap tools enable systems to work with .snap files.

GitHub

2.03K