Vulnerabilities > Zmanda

DATE CVE VULNERABILITY TITLE RISK
2023-07-26 CVE-2023-30577 Argument Injection or Modification vulnerability in Zmanda Amanda
AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705.
local
low complexity
zmanda CWE-88
7.8
2023-04-16 CVE-2022-37704 Command Injection vulnerability in Zmanda Amanda 3.5.1
Amanda 3.5.1 allows privilege escalation from the regular user backup to root.
local
low complexity
zmanda CWE-77
6.7
2023-04-16 CVE-2022-37705 Argument Injection or Modification vulnerability in Zmanda Amanda 3.5.1
A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges.
local
low complexity
zmanda CWE-88
6.7
2019-12-01 CVE-2019-19469 OS Command Injection vulnerability in Zmanda Amanda 3.3.9
In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters.
network
low complexity
zmanda CWE-78
8.8
2018-10-24 CVE-2016-10730 Permissions, Privileges, and Access Controls vulnerability in multiple products
An issue was discovered in Amanda 3.3.1.
local
low complexity
zmanda redhat CWE-264
7.8
2018-10-24 CVE-2016-10729 Command Injection vulnerability in multiple products
An issue was discovered in Amanda 3.3.1.
local
low complexity
zmanda redhat debian CWE-77
7.8