Security Advisory

CVE-2024-49400

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-17 17:15:17

Last updated 2024-11-01 18:35:40

Assigner facebook

State PUBLISHED

Description

Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended to require a match on the entire string, but instead only enforced a match on a sub-string. That would have potentially allowed unauthorized commands to be executed.

← Browse all CVEs View on cve.org ↗