CVE-2017-1000469

Опубликовано: 03 янв. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 10

CVSS3: 9.8

Описание

Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
eoan	DNE
esm-apps/xenial	released	2.4.1-0ubuntu2+esm1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needed]
esm-infra/focal	DNE
focal	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 76%

0.0095

Низкий

10 Critical

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2017-1000469

CVSS3: 8.8

redhat

больше 8 лет назад

Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.

CVE-2017-1000469

CVSS3: 9.8

nvd

около 8 лет назад

Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.

CVE-2017-1000469

CVSS3: 9.8

debian

около 8 лет назад

Cobbler version up to 2.8.2 is vulnerable to a command injection vulne ...

openSUSE-SU-2018:1770-1

suse-cvrf

больше 7 лет назад

Security update for cobbler

SUSE-SU-2018:1741-1

suse-cvrf

больше 7 лет назад

Security update for cobbler

EPSS

Процентиль: 76%

0.0095

Низкий

10 Critical

CVSS2

9.8 Critical

CVSS3

CVE-2017-1000469

Описание

Пакет cobbler

Ссылки на источники

Связанные уязвимости