Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2017-1000082
HistoryJul 07, 2017 - 5:29 p.m.

CVE-2017-1000082

2017-07-0717:29:00
CWE-269
mitre
web.nvd.nist.gov
61
systemd
cve
2017
1000082
username parsing
vulnerability
nvd

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0.007

Percentile

80.6%

JSON

systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. “0day”), running the service in question with root privileges rather than the user intended.

Affected configurations

Nvd
Node
systemd_projectsystemdRange233
VendorProductVersionCPE
systemd_projectsystemd*cpe:2.3:a:systemd_project:systemd:*:*:*:*:*:*:*:*

Related

osv 2
cvelist 2
debiancve 2
redhatcve 1
ubuntucve 2
prion 2
nvd 2
openvas 4
nessus 10
veracode 1
cve 1
f5 1
broadcom 1
kitploit 1
rosalinux 1
ics 1
osv
osv
CVE-2017-1000082
2017-07-07 17:29:00
CVE-2020-13776
2020-06-03 03:15:10
cvelist
cvelist
CVE-2017-1000082
2017-07-07 17:00:00
CVE-2020-13776
2020-06-03 02:05:22
debiancve
debiancve
CVE-2017-1000082
2017-07-07 17:29:00
CVE-2020-13776
2020-06-03 03:15:10
redhatcve
redhatcve
CVE-2017-1000082
2017-07-07 04:48:35
ubuntucve
ubuntucve
CVE-2017-1000082
2017-07-07 00:00:00
CVE-2020-13776
2020-06-03 00:00:00
prion
prion
Design/Logic Flaw
2017-07-07 17:29:00
Buffer overflow
2020-06-03 03:15:00
nvd
nvd
CVE-2017-1000082
2017-07-07 17:29:00
CVE-2020-13776
2020-06-03 03:15:10
openvas
openvas
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1258)
2021-02-05 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1534)
2021-03-05 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1174)
2021-02-02 00:00:00
nessus
nessus
EulerOS Virtualization for ARM 64 3.0.6.0 : systemd (EulerOS-SA-2021-1534)
2021-03-04 00:00:00
EulerOS 2.0 SP9 : systemd (EulerOS-SA-2021-1258)
2021-02-05 00:00:00
EulerOS 2.0 SP9 : systemd (EulerOS-SA-2021-1277)
2021-02-05 00:00:00
veracode
veracode
Privilege Escalation
2020-06-04 05:32:51
cve
cve
CVE-2020-13776
2020-06-03 03:15:10
f5
f5
K04572666 : systemd vulnerability CVE-2020-13776
2020-07-02 00:00:00
broadcom
broadcom
A flaw was found in systemd, where it mishandles numerical usernames beginning with decimal digits, or "0x" followed by hexadecimal digits.(CVE-2020-13776)
2023-11-07 00:00:00
kitploit
kitploit
Master_Librarian - A Simple Tool To Audit Unix/*BSD/Linux System Libraries To Find Public Security Vulnerabilities
2022-03-09 20:30:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1982
2021-07-02 18:13:58
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0.007

Percentile

80.6%

JSON
Related for CVE-2017-1000082
osv2cvelist2debiancve2redhatcve1ubuntucve2prion2nvd2openvas4nessus10veracode1cve1f51broadcom1kitploit1rosalinux1ics1