Vulnerabilities > Bareos > Bareos > 17.2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-10 | CVE-2020-4042 | Authentication Bypass by Capture-replay vulnerability in Bareos Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. | 6.8 |
| 2020-07-10 | CVE-2020-11061 | In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. | 7.4 |