CVE-2011-4192

3 documents3 sources
Severity
7.5HIGH
EPSS
0.5%
top 34.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Suse KiwiSuse Studio Extension FOR System ZSuse Studio Onsite
Timeline
PublishedApr 16
Latest updateMay 17

Description

kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

NVDsuse/kiwi4.85

🔴Vulnerability Details

2
GHSA
GHSA-v92f-g985-p495: kiwi before 42022-05-17
CVEList
CVE-2011-4192: kiwi before 42014-04-16
CVE-2011-4192 (HIGH CVSS 7.5) | kiwi before 4.85.1 | cvebase.io