Home

CVE-2017-10906

Description

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
4.657

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2017-10906 are fixed in Ruby-fluentd 0.12.41Windows
Vulnerabilities CVE-2017-10906 are fixed in Ruby-fluentd for Linux 0.12.41Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234