ID |
CVE-2023-7216
|
Sažetak |
A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks. |
Reference |
|
CVSS |
Base: | 5.3 |
Impact: | 3.4 |
Exploitability: | 1.8 |
|
Pristup |
Vektor | Složenost | Autentikacija |
LOCAL |
LOW |
NONE |
|
Impact |
Povjerljivost | Cjelovitost | Dostupnost |
LOW |
LOW |
LOW |
|
CVSS vektor |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
Zadnje važnije ažuriranje |
19-09-2024 - 06:15 |
Objavljeno |
05-02-2024 - 15:15 |