Lucene search

MitreCVE-2023-30577

HistoryJul 26, 2023 - 5:15 p.m.

CVE-2023-30577

2023-07-2617:15:10

CWE-88

mitre

web.nvd.nist.gov

cve-2023-30577

amanda

advanced maryland automatic network disk archiver

vulnerability

nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

18.0%

JSON

AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705.

Affected configurations

Nvd

Node

zmandaamandaRange<3.5.4

References

github.com/zmanda/amanda/releases/tag/tag-community-3.5.4

github.com/zmanda/amanda/security/advisories/GHSA-crrw-v393-h5q3

lists.debian.org/debian-lts-announce/2023/12/msg00003.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7OITHG7FBD7HQRX2XT75GSGWB3D6XSZU/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YYGJJARVLRBMNWSNXKZBXZNX3M53OVPA/

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

18.0%

JSON

Related for CVE-2023-30577