CVE-2014-4997

Description

lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.

CVSS Version 3.0
CVSS Version 2.0

nvd
CVE ID: CVE-2014-4997
Base Score: 7.8
Base Severity: HIGH
Vector String:CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

nvd
CVE ID: CVE-2014-4997
Base Score: 2.1
Base Severity: LOW
Vector String:AV:L/AC:L/Au:N/C:P/I:N/A:N

Refrence: NVD

Description​

Description