FreeBSD: VID-0D369972-D4BA-11E7-BFCA-005056925DB4 (CVE-2017-15914): borgbackup -- remote users can override repository restrictions
|4||(AV:L/AC:M/Au:N/C:P/I:P/A:P)||November 26, 2017||November 28, 2017||December 19, 2017|
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
Incorrect implementation of access controls allows remote users to
override repository restrictions in Borg servers. A user able to
access a remote Borg SSH server is able to circumvent access controls
post-authentication. Affected releases: 1.1.0, 1.1.1, 1.1.2. Releases
1.0.x are NOT affected.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!