Lucene search
PRIOn knowledge basePRION:CVE-2018-10931HistoryAug 09, 2018 - 8:29 p.m.
Design/Logic Flaw
2018-08-0920:29:00
PRIOn knowledge base
www.prio-n.com
11
It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon.
References
access.redhat.com/errata/RHSA-2018:2372
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10931
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5P5Q4ACIVZ5D4KSUDLGRTOKGGB4U42SD/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMWK5KCCZXOGOYNR2H6BWDSABTQ5NYJA/
Related
fedora
fedora
[SECURITY] Fedora 30 Update: cobbler-2.8.5-0.1.fc30
2019-09-11 19:24:37
[SECURITY] Fedora 31 Update: cobbler-3.0.1-1.fc31
2019-09-26 00:03:05
[SECURITY] Fedora 29 Update: cobbler-2.8.4-5.fc29
2018-12-05 02:36:46
github
github
Cobbler has Exposed Dangerous Method or Function
2022-05-13 01:54:14
Cobbler Improper Validation of Security Tokens
2022-05-13 01:48:35
osv
osv
Cobbler has Exposed Dangerous Method or Function
2022-05-13 01:54:14
CVE-2018-10931
2018-08-09 20:29:00
Cobbler Improper Validation of Security Tokens
2022-05-13 01:48:35
nessus
nessus
RHEL 6 : cobbler (RHSA-2018:2372)
2018-08-10 00:00:00
Fedora 30 : cobbler (2019-3cacfb34ad)
2019-09-12 00:00:00
Fedora 29 : cobbler (2019-cd24f60a94)
2019-09-12 00:00:00
gitlab
gitlab
Exposed Dangerous Method or Function
2022-05-13 00:00:00
Incorrect Permission Assignment for Critical Resource
2022-05-13 00:00:00
openvas
openvas
Fedora Update for cobbler FEDORA-2019-3cacfb34ad
2019-09-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:2550-1)
2021-06-09 00:00:00
Fedora Update for cobbler FEDORA-2019-502f1a2c67
2020-01-09 00:00:00
redhatcve
redhatcve
CVE-2018-10931
2018-08-09 15:18:52
cvelist
cvelist
CVE-2018-10931
2018-08-09 20:00:00
CVE-2018-1000226
2018-08-20 20:00:00
ubuntucve
ubuntucve
CVE-2018-10931
2018-08-09 00:00:00
CVE-2018-1000226
2018-08-20 00:00:00
veracode
veracode
Arbitrary File Upload
2019-01-15 09:24:32
redhat
redhat
(RHSA-2018:2372) Critical: cobbler security update
2018-08-09 15:32:57
cve
cve
CVE-2018-10931
2018-08-09 20:29:00
CVE-2018-1000226
2018-08-20 20:29:01
nvd
nvd
CVE-2018-10931
2018-08-09 20:29:00
CVE-2018-1000226
2018-08-20 20:29:01
prion
prion
Design/Logic Flaw
2018-08-20 20:29:00
nuclei
nuclei
Cobbler - Authentication Bypass
2022-02-14 17:20:32
suse
suse
Security update for cobbler (important)
2018-09-03 15:07:54
Security update for cobbler (moderate)
2021-01-14 00:00:00
Security update for cobbler (moderate)
2021-01-11 00:00:00
ubuntu
ubuntu
Cobbler vulnerabilities
2023-11-13 00:00:00