Lucene search

Ubuntu.comUB:CVE-2014-2331

HistoryAug 31, 2015 - 12:00 a.m.

CVE-2014-2331

2015-08-3100:00:00

ubuntu.com

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

64.4%

JSON

Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to
execute arbitrary Python code via a crafted rules.mk file in a snapshot.
NOTE: this can be exploited by remote attackers by leveraging
CVE-2014-2330.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742689>

References

packetstormsecurity.com/files/125850/DTC-A-20140324-002.txt

launchpad.net/bugs/cve/CVE-2014-2331

nvd.nist.gov/vuln/detail/CVE-2014-2331

security-tracker.debian.org/tracker/CVE-2014-2331

www.cve.org/CVERecord?id=CVE-2014-2331

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

64.4%

JSON

Related for UB:CVE-2014-2331