CVE-2022-37030 – Weak permissions on the configuration file in the PAM module in Grommunio Gromox 0.5 throu …

Vuln ID: CVE-2022-37030

Published:  2022-08-04  23:15:08Z

Description: Weak permissions on the configuration file in the PAM module in Grommunio Gromox 0.5 through 1.x before 1.28 allow a local unprivileged user in the gromox group to have the PAM stack execute arbitrary code upon loading the Gromox PAM module.

Source: NVD.NIST.GOV