Lucene search

RedosROS-20240410-06

HistoryApr 10, 2024 - 12:00 a.m.

ROS-20240410-06

2024-04-1000:00:00

redos.red-soft.ru

sudo

vulnerability

encoding

mechanism

remote access

sensitive data

unix

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

28.7%

JSON

The vulnerability in the Sudo system administration program is related to a flaw in the mechanism for encoding or
or shielding of output data. Exploitation of the vulnerability allows an attacker acting remotely
gain access to sensitive data

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64sudo<= 1.9.15p1-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
redos	7.3	x86_64	sudo	<= 1.9.15p1-1	UNKNOWN

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

28.7%

JSON

Related for ROS-20240410-06