Format String Vulnerability in ZMQ3 Input and Output Modules in Rsyslog

Format String Vulnerability in ZMQ3 Input and Output Modules in Rsyslog

CVE-2017-12588 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.

Learn more about our Web Application Penetration Testing UK.