Critical severity9.8NVD Advisory· Published Mar 7, 2018· Updated Jun 17, 2026
CVE-2017-15367
CVE-2017-15367
Description
Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
bacula-web/bacula-webPackagist | < 8.0.0-rc2 | 8.0.0-rc2 |
Affected products
1Patches
Vulnerability mechanics
References
9- github.com/bacula-web/bacula-web/commit/90d4c44a0dd0d65c6fb3ab2417b83d700c8413aenvdPatchThird Party AdvisoryWEB
- www.exploit-db.com/exploits/44272/nvdExploitThird Party AdvisoryVDB Entry
- bacula-web.org/download/articles/bacula-web-8-0-0-rc2.htmlnvdRelease NotesVendor Advisory
- bugs.bacula-web.org/view.phpnvdIssue TrackingVendor Advisory
- github.com/advisories/GHSA-fv4m-5j2c-787rghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-15367ghsaADVISORY
- web.archive.org/web/20180324124226/http://bacula-web.org/download/articles/bacula-web-8-0-0-rc2.htmlghsaWEB
- web.archive.org/web/20180625090858/http://bugs.bacula-web.org/view.phpghsaWEB
- www.exploit-db.com/exploits/44272ghsaWEB
News mentions
0No linked articles in our index yet.