Vulnerabilities > CVE-2017-10906

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
fluentd
redhat
critical
NVD
Published: 2017-12-08
Updated: 2021-08-04

Summary

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.

Vulnerable Configurations

Part Description Count
Application
Fluentd
12
Application
Redhat
1

Redhat

advisories
rhsa
idRHSA-2018:2225
rpmsfluentd-0:0.12.41-1.el7

References