Security Advisory

CVE-2022-37704

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-16 00:00:00

Last updated 2025-11-04 16:09:49

Assigner mitre

State PUBLISHED

Description

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure.

← Browse all CVEs View on cve.org ↗