Lucene search
K

19 matches found

SUSE CVE
SUSE CVE
added 2026/05/14 3:9 a.m.17 views

SUSE CVE-2023-43631

On boot, the Pillar eve container checks for the existence and content of “/config/authorizedkeys”. If the file is present, and contains a supported public key, the container will go on to open port 22 and enable sshd with the given keys as the authorized keys for root login. An attacker could...

8.8CVSS7.3AI score0.0016EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.5 views

CVE-2023-43633

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions...

8.8CVSS6.8AI score0.0016EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2023/09/21 3:30 p.m.6 views

Duplicate Advisory: EVE: SSH as Root Unlockable Without Triggering Measured Boot

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-phcg-h58r-gmcq. This link is maintained to preserve external references. Original Description On boot, the Pillar eve container checks for the existence and content of “/config/authorizedkeys”. If the file is...

8.8CVSS5.4AI score0.0016EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/09/21 3:30 p.m.3 views

GHSA-F6WP-8J9R-FRRG Duplicate Advisory: EVE: SSH as Root Unlockable Without Triggering Measured Boot

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-phcg-h58r-gmcq. This link is maintained to preserve external references. Original Description On boot, the Pillar eve container checks for the existence and content of “/config/authorizedkeys”. If the file is...

8.8CVSS5.5AI score0.0016EPSS
Exploits0References3
OSV
OSV
added 2023/09/21 2:15 p.m.4 views

CVE-2023-43633

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions...

8.8CVSS5.8AI score0.0016EPSS
Exploits0References1
NVD
NVD
added 2023/09/21 2:15 p.m.13 views

CVE-2023-43633

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions...

8.8CVSS8.7AI score0.0016EPSS
Exploits0References1
OSV
OSV
added 2023/09/21 2:15 p.m.9 views

CVE-2023-43631

On boot, the Pillar eve container checks for the existence and content of “/config/authorizedkeys”. If the file is present, and contains a supported public key, the container will go on to open port 22 and enable sshd with the given keys as the authorized keys for root login. An attacker could...

8.8CVSS5.8AI score0.0016EPSS
Exploits0References1
NVD
NVD
added 2023/09/21 2:15 p.m.36 views

CVE-2023-43631

On boot, the Pillar eve container checks for the existence and content of “/config/authorizedkeys”. If the file is present, and contains a supported public key, the container will go on to open port 22 and enable sshd with the given keys as the authorized keys for root login. An attacker could...

8.8CVSS8.7AI score0.0016EPSS
Exploits0References1
Prion
Prion
added 2023/09/21 2:15 p.m.18 views

Design/Logic Flaw

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions...

4.3CVSS8.6AI score0.0016EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/09/21 2:15 p.m.22 views

Design/Logic Flaw

On boot, the Pillar eve container checks for the existence and content of “/config/authorizedkeys”. If the file is present, and contains a supported public key, the container will go on to open port 22 and enable sshd with the given keys as the authorized keys for root login. An attacker could...

4.3CVSS8.5AI score0.0016EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/21 1:17 p.m.36 views

CVE-2023-43631 SSH as Root Unlockable Without Triggering Measured Boot

On boot, the Pillar eve container checks for the existence and content of “/config/authorizedkeys”. If the file is present, and contains a supported public key, the container will go on to open port 22 and enable sshd with the given keys as the authorized keys for root login. An attacker could...

8.8CVSS8.8AI score0.0016EPSS
Exploits0References1
CVE
CVE
added 2023/09/21 1:17 p.m.65 views

CVE-2023-43631

The CVE-2023-43631 issue affects the Pillar/EVE container in EVE OS. On boot, the container checks for /config/authorized_keys and, if a valid public key is present, enables SSH on port 22 for root login. The /config partition is not protected by measured boot, is mutable, and unencrypted, allowi...

8.8CVSS8.7AI score0.0016EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/21 1:8 p.m.34 views

CVE-2023-43633 Debug Functions Unlockable Without Triggering Measured Boot

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions...

8.8CVSS8.8AI score0.0016EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/21 1:8 p.m.18 views

CVE-2023-43633 Debug Functions Unlockable Without Triggering Measured Boot

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions...

8.8CVSS6.9AI score0.0016EPSS
Exploits0References1
CVE
CVE
added 2023/09/21 1:8 p.m.52 views

CVE-2023-43633

The CVE concerns the Pillar Eve container in EVE OS. On boot, it checks /config/GlobalConfig/global.json and, if present, overrides device configuration, enabling debug functions such as SSH via debug.enable.ssh, USB keyboard via debug.enable.usb, and VNC via app.allow.vnc. This can occur without...

8.8CVSS8.7AI score0.0016EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/09/21 12:0 a.m.1 views

PT-2023-28887

Name of the Vulnerable Software and Affected Versions Pillar eve container versions 9.0.0 and earlier Description The Pillar eve container checks for the existence and content of /config/authorized keys on boot. If the file is present and contains a supported public key, the container opens port ...

8.8CVSS7.7AI score0.0016EPSS
Exploits0References17
CNNVD
CNNVD
added 2023/09/21 12:0 a.m.21 views

EVE OS Security Vulnerability

EVE OS is a general-purpose, open Linux-based operating system for distributed edge computing open-sourced by IF Edge. EVE OS suffers from a security vulnerability that stems from the Pillar eve container allowing an attacker to add their own key and gain full control of the system...

8.8CVSS6.9AI score0.0016EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/09/21 12:0 a.m.3 views

EVE OS Security Vulnerability

EVE OS is a general-purpose, open Linux-based operating system for distributed edge computing open-sourced by IF Edge. EVE OS suffers from a security vulnerability that stems from the Pillar eve container allowing an attacker to unlock debugging functionality without triggering the measurement...

8.8CVSS6.8AI score0.0016EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/21 12:0 a.m.4 views

PT-2023-28889

Name of the Vulnerable Software and Affected Versions Pillar eve container versions 9.0.0 and later, prior to the inclusion of the config partition measurement in PCR13 Description The Pillar eve container checks for the existence and content of /config/GlobalConfig/global.json on boot. If the fi...

8.8CVSS7.8AI score0.0016EPSS
Exploits0References17
Rows per page
Query Builder