Описание
The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:zmanda:zrm_for_my_sql:2.1:*:community:*:*:*:*:*
EPSS
Процентиль: 90%
0.05789
Низкий
10 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
EPSS
Процентиль: 90%
0.05789
Низкий
10 Critical
CVSS2
Дефекты
CWE-20