CVE-2022-37030

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-37030

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-37030.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-37030

Published

2022-08-04T23:15:08Z

Modified

2025-01-08T09:06:14.835019Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Weak permissions on the configuration file in the PAM module in Grommunio Gromox 0.5 through 1.x before 1.28 allow a local unprivileged user in the gromox group to have the PAM stack execute arbitrary code upon loading the Gromox PAM module.

References

Affected packages

Git / github.com/grommunio/gromox

Affected ranges

Type: GIT
Repo: https://github.com/grommunio/gromox
Events: Introduced

004f2db05d4a0b3bf196379559245901adf56a35

Fixed

963c1ff1393e6c61d285c74fca709698e27a537b

Affected versions

gromox-0.*

gromox-0.10

gromox-0.11

gromox-0.12

gromox-0.13

gromox-0.14

gromox-0.15

gromox-0.16

gromox-0.17

gromox-0.18

gromox-0.19

gromox-0.20

gromox-0.21

gromox-0.22

gromox-0.23

gromox-0.24

gromox-0.25

gromox-0.26

gromox-0.27

gromox-0.5

gromox-0.6

gromox-0.7

gromox-0.8

gromox-0.9

gromox-1.*

gromox-1.0

gromox-1.1

gromox-1.10

gromox-1.11

gromox-1.12

gromox-1.13

gromox-1.14

gromox-1.15

gromox-1.15.32

gromox-1.16

gromox-1.17

gromox-1.18

gromox-1.19

gromox-1.2

gromox-1.20

gromox-1.21

gromox-1.22

gromox-1.23

gromox-1.24

gromox-1.25

gromox-1.26

gromox-1.27

gromox-1.3

gromox-1.4

gromox-1.5

gromox-1.6

gromox-1.7

gromox-1.8

gromox-1.9