Vulnerability Details : CVE-2007-2766
lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.
Exploit prediction scoring system (EPSS) score for CVE-2007-2766
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-2766
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2007-2766
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-2766
-
http://www2.backup-manager.org/Release076
Patch
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/34489
-
http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=146
-
http://www.vupen.com/english/advisories/2007/2412
-
http://www.backup-manager.org/pipermail/backup-manager-commits/2007-January/000212.html
Products affected by CVE-2007-2766
- cpe:2.3:a:backup_manager:backup_manager:*:*:*:*:*:*:*:*