Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-15B4E7651D744B470F164064C9B31F21Improper Control of Generation of Code ('Code Injection')
8.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
80.3%
CVE-2010-2235 RHN Satellite (cobbler): Code injection flaw (ACE as root) by processing of a specially-crafted kickstart template file
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| pypi/cobbler | lt | 2.0.7 |
References
people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz
www.redhat.com/support/errata/RHSA-2010-0775.html
access.redhat.com/errata/RHSA-2010:0775
access.redhat.com/security/cve/CVE-2010-2235
bugzilla.redhat.com/show_bug.cgi?id=607662
github.com/advisories/GHSA-jhm7-38xj-pvm8
nvd.nist.gov/vuln/detail/CVE-2010-2235
Related
8.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
80.3%