CVE-2014-4870

/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the sudo configuration.
References
Link Resource
http://www.kb.cert.org/vuls/id/111588 Third Party Advisory US Government Resource
http://www.kb.cert.org/vuls/id/111588 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:brocade:vyatta_5400_vrouter_software:6.4:*:*:*:*:*:*:*
cpe:2.3:a:brocade:vyatta_5400_vrouter_software:6.6:*:*:*:*:*:*:*
cpe:2.3:a:brocade:vyatta_5400_vrouter_software:6.7:*:*:*:*:*:*:*
cpe:2.3:h:brocade:vyatta_5400_vrouter:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:11

Type Values Removed Values Added
References () http://www.kb.cert.org/vuls/id/111588 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/111588 - Third Party Advisory, US Government Resource

Information

Published : 2014-10-07 10:55

Updated : 2024-11-21 02:11


NVD link : CVE-2014-4870

Mitre link : CVE-2014-4870

CVE.ORG link : CVE-2014-4870


JSON object : View

Products Affected

brocade

  • vyatta_5400_vrouter
  • vyatta_5400_vrouter_software
CWE
CWE-20

Improper Input Validation