Test ID:	1.3.6.1.4.1.25623.1.0.882975
Category:	CentOS Local Security Checks
Title:	CentOS Update for sos-collector CESA-2018:3663 centos7
Summary:	The remote host is missing an update for the 'sos-collector'; package(s) announced via the CESA-2018:3663 advisory.
Description:	Summary: The remote host is missing an update for the 'sos-collector' package(s) announced via the CESA-2018:3663 advisory. Vulnerability Insight: sos-collector is a utility that gathers sosreports from multi-node environments. sos-collector facilitates data collection for support cases and it can be run from either a node or from an administrator's local workstation that has network access to the environment. The following packages have been upgraded to a later upstream version: sos-collector (1.5). (BZ#1644776) Security Fix(es): * sos-collector: incorrect permissions set on newly created files (CVE-2018-14650) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Riccardo Schirone (Red Hat Product Security). Affected Software/OS: sos-collector on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 1.9 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-14650 RHSA-2018:3663 https://access.redhat.com/errata/RHSA-2018:3663 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14650 https://github.com/sosreport/sos-collector/commit/72058f9253e7ed8c7243e2ff76a16d97b03d65ed
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.