CVE-2022-37030
- Source
- https://cve.org/CVERecord?id=CVE-2022-37030
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-37030.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-37030
- Published
- 2022-08-04T23:15:08.257Z
- Modified
- 2026-03-14T11:49:29.486666Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Weak permissions on the configuration file in the PAM module in Grommunio Gromox 0.5 through 1.x before 1.28 allow a local unprivileged user in the gromox group to have the PAM stack execute arbitrary code upon loading the Gromox PAM module.
- References
Affected packages
Git / github.com/grommunio/gromox
Affected versions
gromox-0.*
gromox-0.10
gromox-0.11
gromox-0.12
gromox-0.13
gromox-0.14
gromox-0.15
gromox-0.16
gromox-0.17
gromox-0.18
gromox-0.19
gromox-0.20
gromox-0.21
gromox-0.22
gromox-0.23
gromox-0.24
gromox-0.25
gromox-0.26
gromox-0.27
gromox-0.5
gromox-0.6
gromox-0.7
gromox-0.8
gromox-0.9
gromox-1.*
gromox-1.0
gromox-1.1
gromox-1.10
gromox-1.11
gromox-1.12
gromox-1.13
gromox-1.14
gromox-1.15
gromox-1.15.32
gromox-1.16
gromox-1.17
gromox-1.18
gromox-1.19
gromox-1.2
gromox-1.20
gromox-1.21
gromox-1.22
gromox-1.23
gromox-1.24
gromox-1.25
gromox-1.26
gromox-1.27
gromox-1.3
gromox-1.4
gromox-1.5
gromox-1.6
gromox-1.7
gromox-1.8
gromox-1.9