Storebackup
1 CVEs
product
Monthly
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
Privilege Escalation
Storebackup
Debian Linux
Backports Sle
Leap
+1
NVD
CVSS 3.1
8.1
EPSS
2.9%
EPSS 3%
CVSS 8.1
HIGH
PATCH
This Week
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
Privilege Escalation
Storebackup
Debian Linux
+3
NVD