CVE-2011-5098

🗓️ 08 Aug 2012 10:26:18Reported by [email protected]Type

nvd

nvd🔗 web.nvd.nist.gov👁 11 Views

Chef Server API allows remote authenticated users to create admin clients without requiring administrative privileges, leading to bypassing of access restrictions

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2011-5098	8 Aug 201210:26	–	attackerkb
CVE	CVE-2011-5098	8 Aug 201210:00	–	cve
Cvelist	CVE-2011-5098	8 Aug 201210:00	–	cvelist
Debian CVE	CVE-2011-5098	8 Aug 201210:00	–	debiancve
EUVD	EUVD-2011-4998	7 Oct 202500:30	–	euvd
Prion	Command injection	8 Aug 201210:26	–	prion
RedhatCVE	CVE-2011-5098	22 May 202509:56	–	redhatcve
UbuntuCve	CVE-2011-5098	8 Aug 201210:26	–	ubuntucve

NVD

Node

opscode chefRange≤0.9.18

OR

opscode chefMatch0.5.1

OR

opscode chefMatch0.5.2

OR

opscode chefMatch0.5.4

OR

opscode chefMatch0.5.6

OR

opscode chefMatch0.6.0

OR

opscode chefMatch0.6.2

OR

opscode chefMatch0.7.2

OR

opscode chefMatch0.7.4

OR

opscode chefMatch0.7.6

OR

opscode chefMatch0.7.8

OR

opscode chefMatch0.7.10

OR

opscode chefMatch0.7.12

OR

opscode chefMatch0.7.14

OR

opscode chefMatch0.8.2

OR

opscode chefMatch0.8.4

OR

opscode chefMatch0.8.6

OR

opscode chefMatch0.8.8

OR

opscode chefMatch0.8.10

OR

opscode chefMatch0.8.12

OR

opscode chefMatch0.8.14

OR

opscode chefMatch0.8.16

OR

opscode chefMatch0.9.0

OR

opscode chefMatch0.9.2

OR

opscode chefMatch0.9.4

OR

opscode chefMatch0.9.6

OR

opscode chefMatch0.9.8

OR

opscode chefMatch0.9.10

OR

opscode chefMatch0.9.12

OR

opscode chefMatch0.9.14

OR

opscode chefMatch0.9.16

OR

opscode chefMatch0.10.0

OR

opscode chefMatch0.10.2

OR

opscode chefMatch0.10.4

Source	Link
tickets	www.tickets.opscode.com/browse/CHEF-2649
github	www.github.com/opscode/chef/commit/33f0e9c58bbf047e1b401a834f3abfe72d9a8947

29 Apr 2026 01:13Current

6.4Medium risk

Vulners AI Score6.4

CVSS 26.5

EPSS0.00191

chef server remote authenticated users admin clients access restrictions cve-2011-5098