Veracode Vulnerability Database, VERACODE:43061
History: Sep 01, 2023 - 7:21 a.m.

OS Command Injection

2023-09-01 07:21:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
Tags: command injection, shell sanitization, user input

CVSS3: 9.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.001
Percentile: 47.6%

find-exec is vulnerable to Command Injection. The vulnerability is due to inadequate shell sanitization of user input. An attacker could exploit this vulnerability by manipulating input parameters, thereby executing harmful shell commands within the context of the running process.
