Vulnerabilities

CVE-2018-10931

by Fred · 09/08/2018

It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon.

Date published : 2018-08-09

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10931

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMWK5KCCZXOGOYNR2H6BWDSABTQ5NYJA/

Similar

Tags: Cybersecurity Alert