Lucene search

K
nvd[email protected]NVD:CVE-2023-46316
HistoryOct 25, 2023 - 6:17 p.m.

CVE-2023-46316

2023-10-2518:17:37
CWE-234
web.nvd.nist.gov
10
cve-2023-46316
traceroute
wrapper scripts
command line
parsing
vulnerability

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.8

Confidence

High

EPSS

0

Percentile

5.1%

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines.

Affected configurations

Nvd
Node
buctracerouteRange2.0.122.1.3linux
Node
debiandebian_linuxMatch10.0
OR
debiandebian_linuxMatch11.0
OR
debiandebian_linuxMatch12.0
VendorProductVersionCPE
buctraceroute*cpe:2.3:a:buc:traceroute:*:*:*:*:*:linux:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
debiandebian_linux11.0cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
debiandebian_linux12.0cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.8

Confidence

High

EPSS

0

Percentile

5.1%