Lucene search

RedosROS-20240402-01

HistoryApr 02, 2024 - 12:00 a.m.

ROS-20240402-01

2024-04-0200:00:00

redos.red-soft.ru

vulnerability

pmix

execution

library code

uid 0

exploitation

attacker

remote access

sensitive data

unix

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.7%

JSON

A vulnerability in the PMIx process control interface is related to the execution of library code with UID 0.
Exploitation of the vulnerability could allow an attacker acting remotely to gain access to
sensitive data

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64pmix<= 2.1.1-4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
redos	7.3	x86_64	pmix	<= 2.1.1-4	UNKNOWN

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.7%

JSON

Related for ROS-20240402-01