An OS Command Injection vulnerability in the configuration parser of Eve-NG Professional through 4.0.1-65 and Eve-NG Community through 2.0.3-112 allows a remote authenticated attacker to execute commands as root by editing virtualization command parameters of imported UNL files.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-05-04T13:16:52
Updated: 2024-08-03T05:41:10.764Z
Reserved: 2022-03-25T00:00:00
Link: CVE-2022-27903
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-05-04T14:15:08.663
Modified: 2022-05-11T19:07:01.287
Link: CVE-2022-27903
Redhat
No data.