CVE-2015-8370: grub2 authentication bypass

CVE ID

CVE-2015-8370

DESCRIPTION

A flaw was found in the way grub2 handled backspace characters entered in username and password prompts. An attacker with access to the system console could use this flaw to bypass grub2 password protection and gain administrative access to the system.

Unitrends risk assessment: None

Unitrends systems do not use grub2, but grub-0.97-93.el6.x86_64 or grub-0.97-99 for el5, which are not affected.

RESOLUTION

No action required.

LINK TO ADVISORIES

 

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section