CVE-2013-6891

LOW

—CVSS v3

1.2CVSS v2

0.05% EPSS (exploit probability)

CWE-59CWE

Description

lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE