Sign in Subscribe

← All advisories

Critical severity9.8NVD Advisory· Published Nov 17, 2017· Updated May 13, 2026

CVE-2017-1000215

CVE-2017-1000215

Description

ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution

Affected products

1

Xrootd/Xrootd
cpe:2.3:a:xrootd:xrootd:*:*:*:*:*:*:*:*
Range: <=4.6.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

github.com/xrootd/xrootd/commit/befa2e627a5a33a38c92db3e57c07d8246a24acfnvdPatchThird Party Advisory
github.com/xrootd/xrootd/blob/befa2e627a5a33a38c92db3e57c07d8246a24acf/src/XrdSecgsi/XrdSecgsiGMAPFunLDAP.ccnvdThird Party Advisory
github.com/xrootd/xrootd/blob/v4.6.1/docs/ReleaseNotes.txtnvdRelease NotesThird Party Advisory
security.gentoo.org/glsa/201903-11nvdThird Party Advisory

News mentions

0

No linked articles in our index yet.