Vulnerabilities

CVE-2018-10841

by Fred · 20/06/2018

glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with –remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes.

Date published : 2018-06-20

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10841

https://review.gluster.org/#/c/20328/

Similar

Tags: Cybersecurity Alert