Lucene search
+L

4 matches found

NVD
NVD
added 2023/03/23 8:15 p.m.16 views

CVE-2023-28436

Tailscale is software for using Wireguard and multi-factor authentication MFA. A vulnerability identified in the implementation of Tailscale SSH starting in version 1.34.0 and prior to prior to 1.38.2 in FreeBSD allows commands to be run with a higher privilege group ID than that specified in...

8CVSS6.6AI score0.0046EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/03/23 7:27 p.m.9 views

CVE-2023-28436 Non-interactive Tailscale SSH sessions on FreeBSD may use the effective group ID of the tailscaled process

Tailscale is software for using Wireguard and multi-factor authentication MFA. A vulnerability identified in the implementation of Tailscale SSH starting in version 1.34.0 and prior to prior to 1.38.2 in FreeBSD allows commands to be run with a higher privilege group ID than that specified in...

5.7CVSS8.2AI score0.0046EPSS
Exploits0References4
CVE
CVE
added 2023/03/23 7:27 p.m.327 views

CVE-2023-28436

CVE-2023-28436 affects Tailscale SSH on FreeBSD prior to 1.38.2. A difference in FreeBSD’s setgroups behavior caused the tailscaled egid to be used instead of the user’s, permitting some commands to run with a higher privilege group ID than allowed by Tailscale SSH access rules, under specific co...

8CVSS6.9AI score0.0046EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/03/23 12:0 a.m.42 views

FreeBSD : tailscale -- security vulnerability in Tailscale SSH (1b15a554-c981-11ed-bb39-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1b15a554-c981-11ed-bb39-901b0e9408dc advisory. - Tailscale team reports: A vulnerability identified in the implementation of Tailscale SSH in FreeBSD...

8CVSS6.9AI score0.0046EPSS
Exploits0References3
Rows per page
Query Builder