CVE-2020-21583

Опубликовано: 22 авг. 2023

Источник: nvd

CVSS3: 6.7

EPSS Низкий

Описание

An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date.

Ссылки

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786804
Exploit
Mailing List
Patch
Third Party Advisory
https://packetstormsecurity.com/files/132061/hwclock-Privilege-Escalation.html
Exploit
Third Party Advisory
VDB Entry
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786804
Exploit
Mailing List
Patch
Third Party Advisory
https://packetstormsecurity.com/files/132061/hwclock-Privilege-Escalation.html
Exploit
Third Party Advisory
VDB Entry
https://security.netapp.com/advisory/ntap-20241220-0006/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:*

Версия до 2.27 (исключая)

EPSS

Процентиль: 10%

0.00035

Низкий

6.7 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-78

Связанные уязвимости

CVE-2020-21583

CVSS3: 6.7

ubuntu

больше 2 лет назад

An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date.

CVE-2020-21583

CVSS3: 6.4

redhat

больше 2 лет назад

An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date.

CVE-2020-21583

CVSS3: 6.7

debian

больше 2 лет назад

An issue was discovered in hwclock.13-v2.27 allows attackers to gain e ...

GHSA-c5mr-x8m3-hpc9

CVSS3: 6.7

github

больше 2 лет назад

An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date.

EPSS

Процентиль: 10%

0.00035

Низкий

6.7 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-78