CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

SUSE CVE•added 2023/02/15 4:23 a.m.•1 views

SUSE CVE-2018-16947

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. The backup tape controller butc process accepts incoming RPCs but does not require or allow for authentication of those RPCs. Handling those RPCs results in operations being performed with administrator credentials, includin...

9.8CVSS9.6AI score0.01486EPSS

Exploits0References3

Mageia•added 2019/01/08 9:50 p.m.•27 views

Updated openafs packages fix security vulnerabilities

Jeffrey Altman reported that the backup tape controller butc process does accept incoming RPCs but does not require or allow for authentication of those RPCs, allowing an unauthenticated attacker to perform volume operations with administrator credentials CVE-2018-16947. Mark Vitale reported that...

9.8CVSS2.2AI score0.04608EPSS

Exploits0References6

OSV•added 2019/01/08 9:50 p.m.•4 views

MGASA-2019-0021 Updated openafs packages fix security vulnerabilities

9.8CVSS8.5AI score0.04608EPSS

Exploits0References7

CNVD•added 2018/09/16 12:0 a.m.•1 views

OpenAFS has an unspecified vulnerability

OpenAFS is a distributed file system that allows sharing of archives and resources between systems over LANs and WANs. A security vulnerability exists in OpenAFS versions prior to 1.6.23 and 1.8.x prior to 1.8.2, which stems from the backup tape controller process not requiring authentication for...

9.8CVSS7AI score0.01486EPSS

Exploits0References1