Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-7383HistoryAug 05, 2024 - 2:15 p.m.
CVE-2024-7383
2024-08-0514:15:35
Debian Security Bug Tracker
security-tracker.debian.org
flaw
libnbd
client verification
unix
CVSS3
7.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
6.7
Confidence
Low
EPSS
0
Percentile
16.3%
A flaw was found in libnbd. The client did not always correctly verify the NBD server’s certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libnbd | <= 1.14.2-1 | libnbd_1.14.2-1_all.deb |
| Debian | 11 | all | libnbd | <= 1.6.1-1 | libnbd_1.6.1-1_all.deb |
| Debian | 999 | all | libnbd | < 1.20.2-1 | libnbd_1.20.2-1_all.deb |
| Debian | 13 | all | libnbd | < 1.20.2-1 | libnbd_1.20.2-1_all.deb |
Related
nessus
nessus
CBL Mariner 2.0 Security Update: libnbd (CVE-2024-7383)
2024-09-12 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : libnbd (SUSE-SU-2024:2813-1)
2024-08-08 00:00:00
openSUSE 15 Security Update : libnbd (SUSE-SU-2024:2789-1)
2024-08-07 00:00:00
redhatcve
redhatcve
CVE-2024-7383
2024-08-04 16:15:40
nvd
nvd
CVE-2024-7383
2024-08-05 14:15:35
osv
osv
Security update for libnbd
2024-08-06 14:10:32
Security update for libnbd
2024-08-07 10:01:38
CVE-2024-7383
2024-08-05 14:15:35
cvelist
cvelist
CVE-2024-7383 Libnbd: nbd server improper certificate validation
2024-08-05 13:19:13
cbl_mariner
cbl_mariner
CVE-2024-7383 affecting package libnbd for versions less than 1.12.1-4
2024-09-06 19:16:47
redhat
redhat
(RHSA-2024:6757) Moderate: libnbd security update
2024-09-18 12:39:55
cve
cve
CVE-2024-7383
2024-08-05 14:15:35
vulnrichment
vulnrichment
CVE-2024-7383 Libnbd: nbd server improper certificate validation
2024-08-05 13:19:13
CVSS3
7.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
6.7
Confidence
Low
EPSS
0
Percentile
16.3%
Related for DEBIANCVE:CVE-2024-7383