CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
61.0%
cmdlineopts.clp in grml-debootstrap in Debian 0.54, 0.68.x before 0.68.1, 0.7x before 0.78 is sourced without checking that the local directory is writable by non-root users.
Vendor | Product | Version | CPE |
---|---|---|---|
grml | grml-debootstrap | 0.54 | cpe:2.3:a:grml:grml-debootstrap:0.54:*:*:*:*:*:*:* |
grml | grml-debootstrap | 0.68 | cpe:2.3:a:grml:grml-debootstrap:0.68:*:*:*:*:*:*:* |
grml | grml-debootstrap | 0.70 | cpe:2.3:a:grml:grml-debootstrap:0.70:*:*:*:*:*:*:* |
grml | grml-debootstrap | 0.71 | cpe:2.3:a:grml:grml-debootstrap:0.71:*:*:*:*:*:*:* |
grml | grml-debootstrap | 0.72 | cpe:2.3:a:grml:grml-debootstrap:0.72:*:*:*:*:*:*:* |
grml | grml-debootstrap | 0.73 | cpe:2.3:a:grml:grml-debootstrap:0.73:*:*:*:*:*:*:* |
grml | grml-debootstrap | 0.74 | cpe:2.3:a:grml:grml-debootstrap:0.74:*:*:*:*:*:*:* |
grml | grml-debootstrap | 0.75 | cpe:2.3:a:grml:grml-debootstrap:0.75:*:*:*:*:*:*:* |
grml | grml-debootstrap | 0.76 | cpe:2.3:a:grml:grml-debootstrap:0.76:*:*:*:*:*:*:* |
grml | grml-debootstrap | 0.77 | cpe:2.3:a:grml:grml-debootstrap:0.77:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
61.0%