CVE-2020-14976

Published June 23rd, 2020

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

4.9

MEDIUM

Affected

PROJECTS

Description

GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in a setuid root context.

GNS3/ubridge

Bridge for UDP tunnels, Ethernet, TAP and VMnet interfaces.

GitHub

144

GNS3/gns3-server

GNS3 server

GitHub