Skip to main content

Amanda

3 CVEs product

Monthly

CVE-2023-30577 HIGH POC This Week

AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Amanda
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-37703 LOW Monitor

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Amanda
NVD GitHub
CVSS 3.1
3.3
EPSS
0.7%
CVE-2019-19469 HIGH POC This Week

In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection CSRF Amanda
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
EPSS 0% CVSS 7.8
HIGH POC This Week

AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Amanda
NVD GitHub
EPSS 1% CVSS 3.3
LOW Monitor

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Amanda
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection CSRF Amanda
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy