Vulnerability Description
Amanda 3.5.1 allows privilege escalation from the unprivileged user account backup to root. The SUID binary at /lib/amanda/rundump executes /usr/sbin/dump as root with arguments the attacker controls, which can lead to escalation of privileges, denial of service, and information disclosure.
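The configuration the advisory describes is a setuid-root rundump on a host running the listed affected release. The audit helper below is an added example, not code from the Amanda project or from this advisory: it reports whether a rundump binary at the path the advisory names (or at a few assumed alternative install locations) still carries the setuid bit and root ownership, and whether a version string you pass in matches the one release the affected-products table lists. It does not query the package manager for the installed version, because that command differs by distribution; pass the version in as the first argument.

```shell
#!/bin/sh
# Added audit helper for CVE-2022-37704 (not from the Amanda project or the advisory).
# /lib/amanda/rundump is the path named in the advisory; the other candidate paths
# are assumed distro install locations and may not exist on a given host.

# Return 0 if the file at $1 exists and has the setuid bit set.
is_setuid() {
    [ -e "$1" ] || return 1
    [ -n "$(find "$1" -prune -perm -4000 2>/dev/null)" ]
}

# Return 0 if the file at $1 exists and is owned by root.
owned_by_root() {
    [ -e "$1" ] || return 1
    [ -n "$(find "$1" -prune -user root 2>/dev/null)" ]
}

# Return 0 if $1 is the release the advisory lists as affected (3.5.1).
# Any other string is reported as "not listed", not as confirmed safe.
is_listed_affected_version() {
    case "$1" in
        3.5.1) return 0 ;;
        *)     return 1 ;;
    esac
}

# Print one status line per rundump binary found; return 0 if any was found.
audit_rundump() {
    found=1
    for p in /lib/amanda/rundump /usr/lib/amanda/rundump \
             /usr/libexec/amanda/rundump /usr/lib64/amanda/rundump; do
        [ -e "$p" ] || continue
        found=0
        if is_setuid "$p" && owned_by_root "$p"; then
            echo "$p: setuid root (matches the configuration the advisory describes)"
        else
            echo "$p: present but not setuid root"
        fi
    done
    return $found
}

version="${1:-unknown}"
audit_rundump || echo "no rundump binary found at the candidate paths"
if is_listed_affected_version "$version"; then
    echo "version $version is the release listed as affected by CVE-2022-37704"
else
    echo "version $version is not the listed affected release; check the patch references"
fi
```

Run it as any local user; the checks only read file metadata. A setuid-root rundump by itself is the normal Amanda layout, so the finding that matters is that bit together with the affected version.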
CVSS Score
6.7 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zmanda | Amanda | 3.5.1 |
Related Weaknesses (CWE)
References
- http://www.amanda.org/Product
- https://github.com/MaherAzzouzi/CVE-2022-37704 (Third Party Advisory)
- https://github.com/zmanda/amanda/issues/192
- https://github.com/zmanda/amanda/pull/197 (Patch)
- https://github.com/zmanda/amanda/pull/205 (Patch)
- https://github.com/zmanda/amanda/releases/tag/tag-community-3.5.3
- https://lists.debian.org/debian-lts-announce/2023/02/msg00025.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://marc.info/?l=amanda-hackers
FAQ
What is CVE-2022-37704?
CVE-2022-37704 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Amanda 3.5.1 allows privilege escalation from the unprivileged user account backup to root. The SUID binary at /lib/amanda/rundump executes /usr/sbin/dump as root with arguments the attacker controls, which can lead to escalation of privileges, denial of service, and information disclosure.
How severe is CVE-2022-37704?
CVE-2022-37704 has been rated MEDIUM with a CVSS base score of 6.7/10. This page carries only the base score; it does not break the vector down into its individual metrics.
Is there a patch for CVE-2022-37704?
The references section above links the upstream issue (zmanda/amanda issue 192), the two pull requests tagged as the patch (197 and 205), the community 3.5.3 release tag, and the Debian LTS and Fedora package advisories. The affected product is Zmanda Amanda 3.5.1.