Описание
A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 314-1 |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | not-affected | |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| mantic | ignored | end of life, was needs-triage |
| noble | not-affected | |
| oracular | not-affected | 314-1 |
Показывать по
Ссылки на источники
EPSS
7.3 High
CVSS3
Связанные уязвимости
A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.
A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.
A flaw was found in Cockpit. Deleting a sosreport with a crafted name ...
A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.
EPSS
7.3 High
CVSS3