Lucene search
FacebookVULNRICHMENT:CVE-2023-45239HistoryOct 06, 2023 - 5:16 p.m.
CVE-2023-45239
2023-10-0617:16:16
facebook
github.com
input validation
tac_plus
remote code execution
A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tac_plus to inject shell commands and gain remote code execution on the tac_plus server.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:meta:tac_plus:*:*:*:*:*:*:*:*"
],
"vendor": "meta",
"product": "tac_plus",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "4fdf178",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
nessus
nessus
Fedora 38 : tacacs (2023-6f9e904861)
2023-10-06 00:00:00
Fedora 39 : tacacs (2023-96c21ed09c)
2023-11-07 00:00:00
Fedora 40 : tacacs (2023-a219299297)
2024-04-29 00:00:00
cvelist
cvelist
CVE-2023-45239
2023-10-06 17:16:16
CVE-2023-48643
1976-01-01 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: tacacs-F4.0.4.28.7fb~20231005g4fdf178-1.fc37
2023-10-06 00:51:24
[SECURITY] Fedora 38 Update: tacacs-F4.0.4.28.7fb~20231005g4fdf178-1.fc38
2023-10-06 01:31:45
[SECURITY] Fedora 39 Update: tacacs-F4.0.4.28.7fb~20231005g4fdf178-1.fc39
2023-10-09 22:27:06
prion
prion
Input validation
2023-10-06 18:15:00
gentoo
gentoo
TACACS+: Remote Code Execution
2024-02-18 00:00:00
nvd
nvd
CVE-2023-45239
2023-10-06 18:15:12
CVE-2023-48643
2024-05-16 16:15:08
openvas
openvas
Fedora: Security Advisory for tacacs (FEDORA-2023-ef2653f707)
2023-10-06 00:00:00
Fedora: Security Advisory for tacacs (FEDORA-2023-96c21ed09c)
2023-10-10 00:00:00
Fedora: Security Advisory for tacacs (FEDORA-2023-6f9e904861)
2023-10-07 00:00:00
cve
cve
CVE-2023-45239
2023-10-06 18:15:12
CVE-2023-48643
2024-05-16 16:15:08
vulnrichment
vulnrichment
CVE-2023-48643
1976-01-01 00:00:00
AI Score
8.3
Confidence
Low
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Related for VULNRICHMENT:CVE-2023-45239