Vulnerabilities > CVE-2017-15914 - Unspecified vulnerability in Borgbackup Borg 1.1.0/1.1.1/1.1.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 13 |
Nessus
| NASL family | FreeBSD Local Security Checks |
| NASL id | FREEBSD_PKG_0D369972D4BA11E7BFCA005056925DB4.NASL |
| description | BorgBackup reports : Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers. A user able to access a remote Borg SSH server is able to circumvent access controls post-authentication. Affected releases: 1.1.0, 1.1.1, 1.1.2. Releases 1.0.x are NOT affected. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 104835 |
| published | 2017-11-29 |
| reporter | This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/104835 |
| title | FreeBSD : borgbackup -- remote users can override repository restrictions (0d369972-d4ba-11e7-bfca-005056925db4) |