Vulnerabilities > Zmanda
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-26 | CVE-2023-30577 | Argument Injection or Modification vulnerability in Zmanda Amanda AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705. | 7.8 |
2023-04-16 | CVE-2022-37704 | Command Injection vulnerability in Zmanda Amanda 3.5.1 Amanda 3.5.1 allows privilege escalation from the regular user backup to root. | 6.7 |
2023-04-16 | CVE-2022-37705 | Argument Injection or Modification vulnerability in Zmanda Amanda 3.5.1 A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. | 6.7 |
2019-12-01 | CVE-2019-19469 | OS Command Injection vulnerability in Zmanda Amanda 3.3.9 In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. | 8.8 |
2018-10-24 | CVE-2016-10730 | Permissions, Privileges, and Access Controls vulnerability in multiple products An issue was discovered in Amanda 3.3.1. | 7.8 |
2018-10-24 | CVE-2016-10729 | Command Injection vulnerability in multiple products An issue was discovered in Amanda 3.3.1. | 7.8 |