2 matches found
SUSE CVE-2021-40323
Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection...
CVE-2021-40323
CVE-2021-40323 affects Cobbler up to version 3.3.0, where an XMLRPC method logs to the logfile in a way that enables log poisoning and remote code execution. The vulnerability arises from insufficient input handling in the XMLRPC API, allowing an attacker to craft input that records log files for...