GHSA-8rqc-wx6q-m4qc

Published: 28 Mar 2024
Source: github
Github: Not reviewed
CVSS3: 7.3

Description

A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.

EPSS

Percentile: 2%
0.00016
Low

7.3 High

CVSS3

Weaknesses

CWE-77

Related vulnerabilities

CVSS3: 7.3
ubuntu
about 1 year ago

A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.

CVSS3: 7.3
redhat
about 1 year ago

A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.

CVSS3: 7.3
nvd
about 1 year ago

A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.

CVSS3: 7.3
debian
about 1 year ago

A flaw was found in Cockpit. Deleting a sosreport with a crafted name ...

rocky
about 1 year ago

Moderate: cockpit security update
