Information Disclosure
cobbler is vulnerable to information disclosure. The vulnerability exists because the library does not properly restrict the config file accessibility, which allows an attacker who has access to the server to open an authenticated session with a cobbler daemon...