---

CVE-2021-3755 - log back

CVE-2021-3755 edited at 12 Oct 2022 22:54:01

Description

- A command injection vulnerability was found in Rsync. An attacker can use this vulnerability to execute arbitrary commands on a remote host via arguments passed to Rsync for a copy operation. The attacker needs to know the SSH login password to be able to exploit this issue. + ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2021-3755 edited at 31 Aug 2021 14:51:03
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary command execution
Description	+ A command injection vulnerability was found in Rsync. An attacker can use this vulnerability to execute arbitrary commands on a remote host via arguments passed to Rsync for a copy operation. The attacker needs to know the SSH login password to be able to exploit this issue.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1999680
Notes

CVE-2021-3755 created at 31 Aug 2021 14:50:32