CVE-2017-7480

Critical

rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential…

redhat·CWE-300·Published 2017-07-21

CVSS

9.8

EPSS

0.02

KEV

Exploits

cve.orgen

157 chars

rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.

NVDen

157 chars

rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.

NVDes

195 chars

rkhunter versiones anteriores a 1.4.4, es vulnerable a descargar archivos en canales no seguros cuando se realiza una actualización espejo, resultando en una potencial ejecución de código remota.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H