CVE Daily

CVE-2017-10906

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12...

Critical CVSS 9.8

Overview

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.

CWE: N/A Published: 2017-12-08T15:29:00.260
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags