Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for bareos by bareos

    CVE-2024-45044 (GCVE-0-2024-45044)

    Vulnerability from nvd – Published: 2024-09-10 14:57 – Updated: 2024-09-10 19:23
    VLAI
    Title
    Bareos's negative command ACLs can be circumvented by abbreviating commands
    Summary
    Bareos is open source software for backup, archiving, and recovery of data for operating systems. When a command ACL is in place and a user executes a command in bconsole using an abbreviation (i.e. "w" for "whoami") the ACL check did not apply to the full form (i.e. "whoami") but to the abbreviated form (i.e. "w"). If the command ACL is configured with negative ACL that should forbid using the "whoami" command, you could still use "w" or "who" as a command successfully. Fixes for the problem are shipped in Bareos versions 23.0.4, 22.1.6 and 21.1.11. If only positive command ACLs are used without any negation, the problem does not occur.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    bareos bareos Affected: >= 23.0.0, < 23.0.4
    Affected: >= 22.0.0, < 22.1.6
    Affected: < 21.1.11
    Create a notification for this product.
    bareos bareos Affected: 23.0.0 , < 23.0.4 (custom)
    Affected: 22.0.0 , < 22.1.6 (custom)
    Affected: 0 , < 21.1.11 (custom)
        cpe:2.3:a:bareos:bareos:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:bareos:bareos:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "bareos",
                "vendor": "bareos",
                "versions": [
                  {
                    "lessThan": "23.0.4",
                    "status": "affected",
                    "version": "23.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "22.1.6",
                    "status": "affected",
                    "version": "22.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "21.1.11",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45044",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T19:21:00.578548Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T19:23:58.214Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "bareos",
              "vendor": "bareos",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 23.0.0, \u003c 23.0.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 22.0.0, \u003c 22.1.6"
                },
                {
                  "status": "affected",
                  "version": "\u003c 21.1.11"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Bareos is open source software for backup, archiving, and recovery of data for operating systems. When a command ACL is in place and a user executes a command in bconsole using an abbreviation (i.e. \"w\" for \"whoami\") the ACL check did not apply to the full form (i.e. \"whoami\") but to the abbreviated form (i.e. \"w\"). If the command ACL is configured with negative ACL that should forbid using the \"whoami\" command, you could still use \"w\" or \"who\" as a command successfully. Fixes for the problem are shipped in Bareos versions 23.0.4, 22.1.6 and 21.1.11. If only positive command ACLs are used without any negation, the problem does not occur."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285: Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T14:57:57.464Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/bareos/bareos/security/advisories/GHSA-jfww-q346-r2r8",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/bareos/bareos/security/advisories/GHSA-jfww-q346-r2r8"
            },
            {
              "name": "https://github.com/bareos/bareos/pull/1875",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1875"
            },
            {
              "name": "https://github.com/bareos/bareos/commit/2a026698b87d13bd1c6275726b5e826702f81dd5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/commit/2a026698b87d13bd1c6275726b5e826702f81dd5"
            }
          ],
          "source": {
            "advisory": "GHSA-jfww-q346-r2r8",
            "discovery": "UNKNOWN"
          },
          "title": "Bareos\u0027s negative command ACLs can be circumvented by abbreviating commands"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-45044",
        "datePublished": "2024-09-10T14:57:57.464Z",
        "dateReserved": "2024-08-21T17:53:51.331Z",
        "dateUpdated": "2024-09-10T19:23:58.214Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24756 (GCVE-0-2022-24756)

    Vulnerability from nvd – Published: 2022-03-15 14:40 – Updated: 2025-04-22 18:18
    VLAI
    Title
    Missing Release of Memory after Effective Lifetime in Bareos Director
    Summary
    Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director >= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, a failed PAM authentication will leak a small amount of memory. An attacker that is able to use the PAM Console (i.e. by knowing the shared secret or via the WebUI) can flood the Director with failing login attempts which will eventually lead to an out-of-memory condition in which the Director will not work anymore. Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 contain a Bugfix for this problem. Users who are unable to upgrade may disable PAM authentication as a workaround.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    Assigner
    Impacted products
    Vendor Product Version
    bareos bareos Affected: >= 18.2, < 19.2.12
    Affected: >= 20.0.0, < 20.0.6
    Affected: >= 21.0.0, < 21.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:20:50.456Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1115"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1119"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1121"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/security/advisories/GHSA-jh55-4wgw-xc9j"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-24756",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T15:41:51.472279Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T18:18:06.913Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "bareos",
              "vendor": "bareos",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 18.2, \u003c 19.2.12"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 20.0.0, \u003c 20.0.6"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 21.0.0, \u003c 21.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director \u003e= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, a failed PAM authentication will leak a small amount of memory. An attacker that is able to use the PAM Console (i.e. by knowing the shared secret or via the WebUI) can flood the Director with failing login attempts which will eventually lead to an out-of-memory condition in which the Director will not work anymore. Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 contain a Bugfix for this problem. Users who are unable to upgrade may disable PAM authentication as a workaround."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401: Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-15T14:40:20.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1115"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1119"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1121"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/bareos/bareos/security/advisories/GHSA-jh55-4wgw-xc9j"
            }
          ],
          "source": {
            "advisory": "GHSA-jh55-4wgw-xc9j",
            "discovery": "UNKNOWN"
          },
          "title": "Missing Release of Memory after Effective Lifetime in Bareos Director",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2022-24756",
              "STATE": "PUBLIC",
              "TITLE": "Missing Release of Memory after Effective Lifetime in Bareos Director"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "bareos",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003e= 18.2, \u003c 19.2.12"
                              },
                              {
                                "version_value": "\u003e= 20.0.0, \u003c 20.0.6"
                              },
                              {
                                "version_value": "\u003e= 21.0.0, \u003c 21.1.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "bareos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director \u003e= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, a failed PAM authentication will leak a small amount of memory. An attacker that is able to use the PAM Console (i.e. by knowing the shared secret or via the WebUI) can flood the Director with failing login attempts which will eventually lead to an out-of-memory condition in which the Director will not work anymore. Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 contain a Bugfix for this problem. Users who are unable to upgrade may disable PAM authentication as a workaround."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-401: Missing Release of Memory after Effective Lifetime"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/bareos/bareos/pull/1115",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1115"
                },
                {
                  "name": "https://github.com/bareos/bareos/pull/1119",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1119"
                },
                {
                  "name": "https://github.com/bareos/bareos/pull/1121",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1121"
                },
                {
                  "name": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/",
                  "refsource": "MISC",
                  "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
                },
                {
                  "name": "https://github.com/bareos/bareos/security/advisories/GHSA-jh55-4wgw-xc9j",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/bareos/bareos/security/advisories/GHSA-jh55-4wgw-xc9j"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-jh55-4wgw-xc9j",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2022-24756",
        "datePublished": "2022-03-15T14:40:21.000Z",
        "dateReserved": "2022-02-10T00:00:00.000Z",
        "dateUpdated": "2025-04-22T18:18:06.913Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24755 (GCVE-0-2022-24755)

    Vulnerability from nvd – Published: 2022-03-15 14:35 – Updated: 2025-04-22 18:18
    VLAI
    Title
    Incorrect Authorization in Bareos Director
    Summary
    Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director >= 18.2 >= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, it will skip authorization checks completely. Expired accounts and accounts with expired passwords can still login. This problem will affect users that have PAM enabled. Currently there is no authorization (e.g. check for expired or disabled accounts), but only plain authentication (i.e. check if username and password match). Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 implement the authorization check that was previously missing. The only workaround is to make sure that authentication fails if the user is not authorized.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    bareos bareos Affected: >= 18.2, < 19.2.12
    Affected: >= 20.0.0, < 20.0.6
    Affected: >= 21.0.0, < 21.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:20:50.122Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/security/advisories/GHSA-4979-8ffj-4q26"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1115"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1119"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1121"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-24755",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T15:44:05.468336Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T18:18:15.793Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "bareos",
              "vendor": "bareos",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 18.2, \u003c 19.2.12"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 20.0.0, \u003c 20.0.6"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 21.0.0, \u003c 21.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director \u003e= 18.2 \u003e= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, it will skip authorization checks completely. Expired accounts and accounts with expired passwords can still login. This problem will affect users that have PAM enabled. Currently there is no authorization (e.g. check for expired or disabled accounts), but only plain authentication (i.e. check if username and password match). Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 implement the authorization check that was previously missing. The only workaround is to make sure that authentication fails if the user is not authorized."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-15T14:35:13.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/bareos/bareos/security/advisories/GHSA-4979-8ffj-4q26"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1115"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1119"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1121"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
            }
          ],
          "source": {
            "advisory": "GHSA-4979-8ffj-4q26",
            "discovery": "UNKNOWN"
          },
          "title": "Incorrect Authorization in Bareos Director",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2022-24755",
              "STATE": "PUBLIC",
              "TITLE": "Incorrect Authorization in Bareos Director"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "bareos",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003e= 18.2, \u003c 19.2.12"
                              },
                              {
                                "version_value": "\u003e= 20.0.0, \u003c 20.0.6"
                              },
                              {
                                "version_value": "\u003e= 21.0.0, \u003c 21.1.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "bareos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director \u003e= 18.2 \u003e= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, it will skip authorization checks completely. Expired accounts and accounts with expired passwords can still login. This problem will affect users that have PAM enabled. Currently there is no authorization (e.g. check for expired or disabled accounts), but only plain authentication (i.e. check if username and password match). Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 implement the authorization check that was previously missing. The only workaround is to make sure that authentication fails if the user is not authorized."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-863: Incorrect Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/bareos/bareos/security/advisories/GHSA-4979-8ffj-4q26",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/bareos/bareos/security/advisories/GHSA-4979-8ffj-4q26"
                },
                {
                  "name": "https://github.com/bareos/bareos/pull/1115",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1115"
                },
                {
                  "name": "https://github.com/bareos/bareos/pull/1119",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1119"
                },
                {
                  "name": "https://github.com/bareos/bareos/pull/1121",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1121"
                },
                {
                  "name": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/",
                  "refsource": "MISC",
                  "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-4979-8ffj-4q26",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2022-24755",
        "datePublished": "2022-03-15T14:35:13.000Z",
        "dateReserved": "2022-02-10T00:00:00.000Z",
        "dateUpdated": "2025-04-22T18:18:15.793Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-4042 (GCVE-0-2020-4042)

    Vulnerability from nvd – Published: 2020-07-10 19:30 – Updated: 2024-08-04 07:52
    VLAI
    Title
    Authentication bypass in Bareos
    Summary
    Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to the director itself leading to the director responding to the replayed challenge. The response obtained is then a valid reply to the directors original challenge. This is fixed in version 19.2.8.
    CWE
    • CWE-294 - Authentication Bypass by Capture-replay
    Assigner
    References
    Impacted products
    Vendor Product Version
    bareos bareos Affected: < 19.2.8
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:52:20.708Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.bareos.org/view.php?id=1250"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "bareos",
              "vendor": "bareos",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 19.2.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director\u0027s cram-md5 challenge to the director itself leading to the director responding to the replayed challenge. The response obtained is then a valid reply to the directors original challenge. This is fixed in version 19.2.8."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-294",
                  "description": "CWE-294: Authentication Bypass by Capture-replay",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-10T19:30:14.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.bareos.org/view.php?id=1250"
            }
          ],
          "source": {
            "advisory": "GHSA-vqpj-2vhj-h752",
            "discovery": "UNKNOWN"
          },
          "title": "Authentication bypass in Bareos",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2020-4042",
              "STATE": "PUBLIC",
              "TITLE": "Authentication bypass in Bareos"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "bareos",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 19.2.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "bareos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director\u0027s cram-md5 challenge to the director itself leading to the director responding to the replayed challenge. The response obtained is then a valid reply to the directors original challenge. This is fixed in version 19.2.8."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-294: Authentication Bypass by Capture-replay"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752"
                },
                {
                  "name": "https://bugs.bareos.org/view.php?id=1250",
                  "refsource": "MISC",
                  "url": "https://bugs.bareos.org/view.php?id=1250"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-vqpj-2vhj-h752",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2020-4042",
        "datePublished": "2020-07-10T19:30:14.000Z",
        "dateReserved": "2019-12-30T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:52:20.708Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11061 (GCVE-0-2020-11061)

    Vulnerability from nvd – Published: 2020-07-10 19:25 – Updated: 2024-08-04 11:21
    VLAI
    Title
    Heap-based Buffer Overflow in Bareos Director
    Summary
    In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in Bareos versions 19.2.8, 18.2.9 and 17.2.10.
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Bareos GmbH & Co. KG Bareos Director Affected: <= 16.2.10
    Affected: <= 17.2.9
    Affected: <= 18.2.8
    Affected: <= 19.2.7
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:21:14.507Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.bareos.org/view.php?id=1210"
              },
              {
                "name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2353-1] bacula security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00051.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Bareos Director",
              "vendor": "Bareos GmbH \u0026 Co. KG",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c= 16.2.10"
                },
                {
                  "status": "affected",
                  "version": "\u003c= 17.2.9"
                },
                {
                  "status": "affected",
                  "version": "\u003c= 18.2.8"
                },
                {
                  "status": "affected",
                  "version": "\u003c= 19.2.7"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director\u0027s memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in Bareos versions 19.2.8, 18.2.9 and 17.2.10."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-08-29T23:06:35.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.bareos.org/view.php?id=1210"
            },
            {
              "name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2353-1] bacula security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00051.html"
            }
          ],
          "source": {
            "advisory": "GHSA-mm45-cg35-54j4",
            "discovery": "UNKNOWN"
          },
          "title": "Heap-based Buffer Overflow in Bareos Director",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2020-11061",
              "STATE": "PUBLIC",
              "TITLE": "Heap-based Buffer Overflow in Bareos Director"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Bareos Director",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c= 16.2.10"
                              },
                              {
                                "version_value": "\u003c= 17.2.9"
                              },
                              {
                                "version_value": "\u003c= 18.2.8"
                              },
                              {
                                "version_value": "\u003c= 19.2.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Bareos GmbH \u0026 Co. KG"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director\u0027s memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in Bareos versions 19.2.8, 18.2.9 and 17.2.10."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-122: Heap-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4"
                },
                {
                  "name": "https://bugs.bareos.org/view.php?id=1210",
                  "refsource": "MISC",
                  "url": "https://bugs.bareos.org/view.php?id=1210"
                },
                {
                  "name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2353-1] bacula security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00051.html"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-mm45-cg35-54j4",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2020-11061",
        "datePublished": "2020-07-10T19:25:13.000Z",
        "dateReserved": "2020-03-30T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:21:14.507Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14610 (GCVE-0-2017-14610)

    Vulnerability from nvd – Published: 2017-09-20 18:00 – Updated: 2024-09-16 17:32
    VLAI
    Summary
    bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugs.bareos.org/view.php?id=847 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:34:39.463Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.bareos.org/view.php?id=847"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a \"kill `cat /pathname`\" command."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-20T18:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.bareos.org/view.php?id=847"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2017-14610",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a \"kill `cat /pathname`\" command."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugs.bareos.org/view.php?id=847",
                  "refsource": "MISC",
                  "url": "https://bugs.bareos.org/view.php?id=847"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2017-14610",
        "datePublished": "2017-09-20T18:00:00.000Z",
        "dateReserved": "2017-09-20T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:32:56.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-45044 (GCVE-0-2024-45044)

    Vulnerability from cvelistv5 – Published: 2024-09-10 14:57 – Updated: 2024-09-10 19:23
    VLAI
    Title
    Bareos's negative command ACLs can be circumvented by abbreviating commands
    Summary
    Bareos is open source software for backup, archiving, and recovery of data for operating systems. When a command ACL is in place and a user executes a command in bconsole using an abbreviation (i.e. "w" for "whoami") the ACL check did not apply to the full form (i.e. "whoami") but to the abbreviated form (i.e. "w"). If the command ACL is configured with negative ACL that should forbid using the "whoami" command, you could still use "w" or "who" as a command successfully. Fixes for the problem are shipped in Bareos versions 23.0.4, 22.1.6 and 21.1.11. If only positive command ACLs are used without any negation, the problem does not occur.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    bareos bareos Affected: >= 23.0.0, < 23.0.4
    Affected: >= 22.0.0, < 22.1.6
    Affected: < 21.1.11
    Create a notification for this product.
    bareos bareos Affected: 23.0.0 , < 23.0.4 (custom)
    Affected: 22.0.0 , < 22.1.6 (custom)
    Affected: 0 , < 21.1.11 (custom)
        cpe:2.3:a:bareos:bareos:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:bareos:bareos:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "bareos",
                "vendor": "bareos",
                "versions": [
                  {
                    "lessThan": "23.0.4",
                    "status": "affected",
                    "version": "23.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "22.1.6",
                    "status": "affected",
                    "version": "22.0.0",
                    "versionType": "custom"
                  },
                  {
                    "lessThan": "21.1.11",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45044",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T19:21:00.578548Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T19:23:58.214Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "bareos",
              "vendor": "bareos",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 23.0.0, \u003c 23.0.4"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 22.0.0, \u003c 22.1.6"
                },
                {
                  "status": "affected",
                  "version": "\u003c 21.1.11"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Bareos is open source software for backup, archiving, and recovery of data for operating systems. When a command ACL is in place and a user executes a command in bconsole using an abbreviation (i.e. \"w\" for \"whoami\") the ACL check did not apply to the full form (i.e. \"whoami\") but to the abbreviated form (i.e. \"w\"). If the command ACL is configured with negative ACL that should forbid using the \"whoami\" command, you could still use \"w\" or \"who\" as a command successfully. Fixes for the problem are shipped in Bareos versions 23.0.4, 22.1.6 and 21.1.11. If only positive command ACLs are used without any negation, the problem does not occur."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285: Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-10T14:57:57.464Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/bareos/bareos/security/advisories/GHSA-jfww-q346-r2r8",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/bareos/bareos/security/advisories/GHSA-jfww-q346-r2r8"
            },
            {
              "name": "https://github.com/bareos/bareos/pull/1875",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1875"
            },
            {
              "name": "https://github.com/bareos/bareos/commit/2a026698b87d13bd1c6275726b5e826702f81dd5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/commit/2a026698b87d13bd1c6275726b5e826702f81dd5"
            }
          ],
          "source": {
            "advisory": "GHSA-jfww-q346-r2r8",
            "discovery": "UNKNOWN"
          },
          "title": "Bareos\u0027s negative command ACLs can be circumvented by abbreviating commands"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-45044",
        "datePublished": "2024-09-10T14:57:57.464Z",
        "dateReserved": "2024-08-21T17:53:51.331Z",
        "dateUpdated": "2024-09-10T19:23:58.214Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24756 (GCVE-0-2022-24756)

    Vulnerability from cvelistv5 – Published: 2022-03-15 14:40 – Updated: 2025-04-22 18:18
    VLAI
    Title
    Missing Release of Memory after Effective Lifetime in Bareos Director
    Summary
    Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director >= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, a failed PAM authentication will leak a small amount of memory. An attacker that is able to use the PAM Console (i.e. by knowing the shared secret or via the WebUI) can flood the Director with failing login attempts which will eventually lead to an out-of-memory condition in which the Director will not work anymore. Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 contain a Bugfix for this problem. Users who are unable to upgrade may disable PAM authentication as a workaround.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-401 - Missing Release of Memory after Effective Lifetime
    Assigner
    Impacted products
    Vendor Product Version
    bareos bareos Affected: >= 18.2, < 19.2.12
    Affected: >= 20.0.0, < 20.0.6
    Affected: >= 21.0.0, < 21.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:20:50.456Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1115"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1119"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1121"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/security/advisories/GHSA-jh55-4wgw-xc9j"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-24756",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T15:41:51.472279Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T18:18:06.913Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "bareos",
              "vendor": "bareos",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 18.2, \u003c 19.2.12"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 20.0.0, \u003c 20.0.6"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 21.0.0, \u003c 21.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director \u003e= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, a failed PAM authentication will leak a small amount of memory. An attacker that is able to use the PAM Console (i.e. by knowing the shared secret or via the WebUI) can flood the Director with failing login attempts which will eventually lead to an out-of-memory condition in which the Director will not work anymore. Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 contain a Bugfix for this problem. Users who are unable to upgrade may disable PAM authentication as a workaround."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401: Missing Release of Memory after Effective Lifetime",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-15T14:40:20.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1115"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1119"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1121"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/bareos/bareos/security/advisories/GHSA-jh55-4wgw-xc9j"
            }
          ],
          "source": {
            "advisory": "GHSA-jh55-4wgw-xc9j",
            "discovery": "UNKNOWN"
          },
          "title": "Missing Release of Memory after Effective Lifetime in Bareos Director",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2022-24756",
              "STATE": "PUBLIC",
              "TITLE": "Missing Release of Memory after Effective Lifetime in Bareos Director"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "bareos",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003e= 18.2, \u003c 19.2.12"
                              },
                              {
                                "version_value": "\u003e= 20.0.0, \u003c 20.0.6"
                              },
                              {
                                "version_value": "\u003e= 21.0.0, \u003c 21.1.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "bareos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director \u003e= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, a failed PAM authentication will leak a small amount of memory. An attacker that is able to use the PAM Console (i.e. by knowing the shared secret or via the WebUI) can flood the Director with failing login attempts which will eventually lead to an out-of-memory condition in which the Director will not work anymore. Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 contain a Bugfix for this problem. Users who are unable to upgrade may disable PAM authentication as a workaround."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-401: Missing Release of Memory after Effective Lifetime"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/bareos/bareos/pull/1115",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1115"
                },
                {
                  "name": "https://github.com/bareos/bareos/pull/1119",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1119"
                },
                {
                  "name": "https://github.com/bareos/bareos/pull/1121",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1121"
                },
                {
                  "name": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/",
                  "refsource": "MISC",
                  "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
                },
                {
                  "name": "https://github.com/bareos/bareos/security/advisories/GHSA-jh55-4wgw-xc9j",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/bareos/bareos/security/advisories/GHSA-jh55-4wgw-xc9j"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-jh55-4wgw-xc9j",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2022-24756",
        "datePublished": "2022-03-15T14:40:21.000Z",
        "dateReserved": "2022-02-10T00:00:00.000Z",
        "dateUpdated": "2025-04-22T18:18:06.913Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24755 (GCVE-0-2022-24755)

    Vulnerability from cvelistv5 – Published: 2022-03-15 14:35 – Updated: 2025-04-22 18:18
    VLAI
    Title
    Incorrect Authorization in Bareos Director
    Summary
    Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director >= 18.2 >= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, it will skip authorization checks completely. Expired accounts and accounts with expired passwords can still login. This problem will affect users that have PAM enabled. Currently there is no authorization (e.g. check for expired or disabled accounts), but only plain authentication (i.e. check if username and password match). Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 implement the authorization check that was previously missing. The only workaround is to make sure that authentication fails if the user is not authorized.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    bareos bareos Affected: >= 18.2, < 19.2.12
    Affected: >= 20.0.0, < 20.0.6
    Affected: >= 21.0.0, < 21.1.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:20:50.122Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/security/advisories/GHSA-4979-8ffj-4q26"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1115"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1119"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/pull/1121"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-24755",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-22T15:44:05.468336Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-22T18:18:15.793Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "bareos",
              "vendor": "bareos",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 18.2, \u003c 19.2.12"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 20.0.0, \u003c 20.0.6"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 21.0.0, \u003c 21.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director \u003e= 18.2 \u003e= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, it will skip authorization checks completely. Expired accounts and accounts with expired passwords can still login. This problem will affect users that have PAM enabled. Currently there is no authorization (e.g. check for expired or disabled accounts), but only plain authentication (i.e. check if username and password match). Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 implement the authorization check that was previously missing. The only workaround is to make sure that authentication fails if the user is not authorized."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-15T14:35:13.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/bareos/bareos/security/advisories/GHSA-4979-8ffj-4q26"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1115"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1119"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/bareos/bareos/pull/1121"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
            }
          ],
          "source": {
            "advisory": "GHSA-4979-8ffj-4q26",
            "discovery": "UNKNOWN"
          },
          "title": "Incorrect Authorization in Bareos Director",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2022-24755",
              "STATE": "PUBLIC",
              "TITLE": "Incorrect Authorization in Bareos Director"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "bareos",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003e= 18.2, \u003c 19.2.12"
                              },
                              {
                                "version_value": "\u003e= 20.0.0, \u003c 20.0.6"
                              },
                              {
                                "version_value": "\u003e= 21.0.0, \u003c 21.1.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "bareos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Bareos is open source software for backup, archiving, and recovery of data for operating systems. When Bareos Director \u003e= 18.2 \u003e= 18.2 but prior to 21.1.0, 20.0.6, and 19.2.12 is built and configured for PAM authentication, it will skip authorization checks completely. Expired accounts and accounts with expired passwords can still login. This problem will affect users that have PAM enabled. Currently there is no authorization (e.g. check for expired or disabled accounts), but only plain authentication (i.e. check if username and password match). Bareos Director versions 21.1.0, 20.0.6 and 19.2.12 implement the authorization check that was previously missing. The only workaround is to make sure that authentication fails if the user is not authorized."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-863: Incorrect Authorization"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/bareos/bareos/security/advisories/GHSA-4979-8ffj-4q26",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/bareos/bareos/security/advisories/GHSA-4979-8ffj-4q26"
                },
                {
                  "name": "https://github.com/bareos/bareos/pull/1115",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1115"
                },
                {
                  "name": "https://github.com/bareos/bareos/pull/1119",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1119"
                },
                {
                  "name": "https://github.com/bareos/bareos/pull/1121",
                  "refsource": "MISC",
                  "url": "https://github.com/bareos/bareos/pull/1121"
                },
                {
                  "name": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/",
                  "refsource": "MISC",
                  "url": "https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-4979-8ffj-4q26",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2022-24755",
        "datePublished": "2022-03-15T14:35:13.000Z",
        "dateReserved": "2022-02-10T00:00:00.000Z",
        "dateUpdated": "2025-04-22T18:18:15.793Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-4042 (GCVE-0-2020-4042)

    Vulnerability from cvelistv5 – Published: 2020-07-10 19:30 – Updated: 2024-08-04 07:52
    VLAI
    Title
    Authentication bypass in Bareos
    Summary
    Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to the director itself leading to the director responding to the replayed challenge. The response obtained is then a valid reply to the directors original challenge. This is fixed in version 19.2.8.
    CWE
    • CWE-294 - Authentication Bypass by Capture-replay
    Assigner
    References
    Impacted products
    Vendor Product Version
    bareos bareos Affected: < 19.2.8
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:52:20.708Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.bareos.org/view.php?id=1250"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "bareos",
              "vendor": "bareos",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 19.2.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director\u0027s cram-md5 challenge to the director itself leading to the director responding to the replayed challenge. The response obtained is then a valid reply to the directors original challenge. This is fixed in version 19.2.8."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-294",
                  "description": "CWE-294: Authentication Bypass by Capture-replay",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-10T19:30:14.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.bareos.org/view.php?id=1250"
            }
          ],
          "source": {
            "advisory": "GHSA-vqpj-2vhj-h752",
            "discovery": "UNKNOWN"
          },
          "title": "Authentication bypass in Bareos",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2020-4042",
              "STATE": "PUBLIC",
              "TITLE": "Authentication bypass in Bareos"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "bareos",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 19.2.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "bareos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director\u0027s cram-md5 challenge to the director itself leading to the director responding to the replayed challenge. The response obtained is then a valid reply to the directors original challenge. This is fixed in version 19.2.8."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-294: Authentication Bypass by Capture-replay"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752"
                },
                {
                  "name": "https://bugs.bareos.org/view.php?id=1250",
                  "refsource": "MISC",
                  "url": "https://bugs.bareos.org/view.php?id=1250"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-vqpj-2vhj-h752",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2020-4042",
        "datePublished": "2020-07-10T19:30:14.000Z",
        "dateReserved": "2019-12-30T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:52:20.708Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-11061 (GCVE-0-2020-11061)

    Vulnerability from cvelistv5 – Published: 2020-07-10 19:25 – Updated: 2024-08-04 11:21
    VLAI
    Title
    Heap-based Buffer Overflow in Bareos Director
    Summary
    In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in Bareos versions 19.2.8, 18.2.9 and 17.2.10.
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Bareos GmbH & Co. KG Bareos Director Affected: <= 16.2.10
    Affected: <= 17.2.9
    Affected: <= 18.2.8
    Affected: <= 19.2.7
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T11:21:14.507Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.bareos.org/view.php?id=1210"
              },
              {
                "name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2353-1] bacula security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00051.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Bareos Director",
              "vendor": "Bareos GmbH \u0026 Co. KG",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c= 16.2.10"
                },
                {
                  "status": "affected",
                  "version": "\u003c= 17.2.9"
                },
                {
                  "status": "affected",
                  "version": "\u003c= 18.2.8"
                },
                {
                  "status": "affected",
                  "version": "\u003c= 19.2.7"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director\u0027s memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in Bareos versions 19.2.8, 18.2.9 and 17.2.10."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122: Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-08-29T23:06:35.000Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.bareos.org/view.php?id=1210"
            },
            {
              "name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2353-1] bacula security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00051.html"
            }
          ],
          "source": {
            "advisory": "GHSA-mm45-cg35-54j4",
            "discovery": "UNKNOWN"
          },
          "title": "Heap-based Buffer Overflow in Bareos Director",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-advisories@github.com",
              "ID": "CVE-2020-11061",
              "STATE": "PUBLIC",
              "TITLE": "Heap-based Buffer Overflow in Bareos Director"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Bareos Director",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c= 16.2.10"
                              },
                              {
                                "version_value": "\u003c= 17.2.9"
                              },
                              {
                                "version_value": "\u003c= 18.2.8"
                              },
                              {
                                "version_value": "\u003c= 19.2.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Bareos GmbH \u0026 Co. KG"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director\u0027s memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in Bareos versions 19.2.8, 18.2.9 and 17.2.10."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-122: Heap-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4",
                  "refsource": "CONFIRM",
                  "url": "https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4"
                },
                {
                  "name": "https://bugs.bareos.org/view.php?id=1210",
                  "refsource": "MISC",
                  "url": "https://bugs.bareos.org/view.php?id=1210"
                },
                {
                  "name": "[debian-lts-announce] 20200829 [SECURITY] [DLA 2353-1] bacula security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00051.html"
                }
              ]
            },
            "source": {
              "advisory": "GHSA-mm45-cg35-54j4",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2020-11061",
        "datePublished": "2020-07-10T19:25:13.000Z",
        "dateReserved": "2020-03-30T00:00:00.000Z",
        "dateUpdated": "2024-08-04T11:21:14.507Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14610 (GCVE-0-2017-14610)

    Vulnerability from cvelistv5 – Published: 2017-09-20 18:00 – Updated: 2024-09-16 17:32
    VLAI
    Summary
    bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill `cat /pathname`" command.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugs.bareos.org/view.php?id=847 x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:34:39.463Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.bareos.org/view.php?id=847"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a \"kill `cat /pathname`\" command."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-20T18:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.bareos.org/view.php?id=847"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2017-14610",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a \"kill `cat /pathname`\" command."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugs.bareos.org/view.php?id=847",
                  "refsource": "MISC",
                  "url": "https://bugs.bareos.org/view.php?id=847"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2017-14610",
        "datePublished": "2017-09-20T18:00:00.000Z",
        "dateReserved": "2017-09-20T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:32:56.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }