CVE-2017-1000215 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-1000215 Interim 1 11 2023-02-10T02:02:02Z current 2021-05-30T14:06:09Z 2023-02-10T02:02:02Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-1000215 ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP3 xrootd xrootd-cl-devel xrootd-client xrootd-client-devel xrootd-libs xrootd-libs-devel xrootd-private-devel xrootd-server xrootd-server-devel xrootd-client as a component of SUSE Linux Enterprise Desktop 12 SP3 xrootd-libs as a component of SUSE Linux Enterprise Desktop 12 SP3 xrootd-server as a component of SUSE Linux Enterprise Desktop 12 SP3 xrootd as a component of SUSE Linux Enterprise Desktop 12 SP3 xrootd-cl-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 xrootd-client as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 xrootd-client-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 xrootd-libs as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 xrootd-libs-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 xrootd-private-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 xrootd-server as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 xrootd-server-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 xrootd as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 xrootd-cl-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 xrootd-client as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 xrootd-client-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 xrootd-libs as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 xrootd-libs-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 xrootd-private-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 xrootd-server as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 xrootd-server-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 xrootd as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 xrootd-client as a component of SUSE Linux Enterprise Workstation Extension 12 SP2 xrootd-libs as a component of SUSE Linux Enterprise Workstation Extension 12 SP2 xrootd-server as a component of SUSE Linux Enterprise Workstation Extension 12 SP2 xrootd as a component of SUSE Linux Enterprise Workstation Extension 12 SP2 xrootd-client as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 xrootd-libs as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 xrootd-server as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 xrootd as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution CVE-2017-1000215 SUSE Linux Enterprise Desktop 12 SP3:xrootd SUSE Linux Enterprise Desktop 12 SP3:xrootd-client SUSE Linux Enterprise Desktop 12 SP3:xrootd-libs SUSE Linux Enterprise Desktop 12 SP3:xrootd-server SUSE Linux Enterprise Software Development Kit 12 SP2:xrootd SUSE Linux Enterprise Software Development Kit 12 SP2:xrootd-cl-devel SUSE Linux Enterprise Software Development Kit 12 SP2:xrootd-client SUSE Linux Enterprise Software Development Kit 12 SP2:xrootd-client-devel SUSE Linux Enterprise Software Development Kit 12 SP2:xrootd-libs SUSE Linux Enterprise Software Development Kit 12 SP2:xrootd-libs-devel SUSE Linux Enterprise Software Development Kit 12 SP2:xrootd-private-devel SUSE Linux Enterprise Software Development Kit 12 SP2:xrootd-server SUSE Linux Enterprise Software Development Kit 12 SP2:xrootd-server-devel SUSE Linux Enterprise Software Development Kit 12 SP3:xrootd SUSE Linux Enterprise Software Development Kit 12 SP3:xrootd-cl-devel SUSE Linux Enterprise Software Development Kit 12 SP3:xrootd-client SUSE Linux Enterprise Software Development Kit 12 SP3:xrootd-client-devel SUSE Linux Enterprise Software Development Kit 12 SP3:xrootd-libs SUSE Linux Enterprise Software Development Kit 12 SP3:xrootd-libs-devel SUSE Linux Enterprise Software Development Kit 12 SP3:xrootd-private-devel SUSE Linux Enterprise Software Development Kit 12 SP3:xrootd-server SUSE Linux Enterprise Software Development Kit 12 SP3:xrootd-server-devel SUSE Linux Enterprise Workstation Extension 12 SP2:xrootd SUSE Linux Enterprise Workstation Extension 12 SP2:xrootd-client SUSE Linux Enterprise Workstation Extension 12 SP2:xrootd-libs SUSE Linux Enterprise Workstation Extension 12 SP2:xrootd-server SUSE Linux Enterprise Workstation Extension 12 SP3:xrootd SUSE Linux Enterprise Workstation Extension 12 SP3:xrootd-client SUSE Linux Enterprise Workstation Extension 12 SP3:xrootd-libs SUSE Linux Enterprise Workstation Extension 12 SP3:xrootd-server important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H