Vulnerabilities > CVE-2017-15914 - Unspecified vulnerability in Borgbackup Borg 1.1.0/1.1.1/1.1.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 13 |
Nessus
NASL family | FreeBSD Local Security Checks |
NASL id | FREEBSD_PKG_0D369972D4BA11E7BFCA005056925DB4.NASL |
description | BorgBackup reports : Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers. A user able to access a remote Borg SSH server is able to circumvent access controls post-authentication. Affected releases: 1.1.0, 1.1.1, 1.1.2. Releases 1.0.x are NOT affected. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 104835 |
published | 2017-11-29 |
reporter | This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/104835 |
title | FreeBSD : borgbackup -- remote users can override repository restrictions (0d369972-d4ba-11e7-bfca-005056925db4) |