Lucene search
+L

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2018-1000225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable...

6.1CVSS7.5AI score0.01262EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.43 views

RHEL 8 : cobbler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cobbler: XMLRPC API endpoints are not correctly validating security tokens CVE-2018-1000226 - Cobbler...

9.8CVSS7.7AI score0.12484EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.27 views

RHEL 8 : cobbler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cobbler: XMLRPC API endpoints are not correctly validating security tokens CVE-2018-1000226 - Cobbler...

8.6AI score0.12484EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/09/04 12:0 a.m.31 views

openSUSE: Security Advisory for cobbler (openSUSE-SU-2018:2590-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.1AI score0.6786EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/09/03 3:7 p.m.88 views

Security update for cobbler (important)

This update for cobbler fixes the following issues: Security issues fixed: - Forbid exposure of private methods in the API CVE-2018-10931, CVE-2018-1000225, bsc1104287, bsc1104189, bsc1105442 - Check access token when calling 'modifysetting' API endpoint bsc1104190, bsc1105440, CVE-2018-1000226...

0.6786EPSS
Exploits0References7
CVE
CVE
added 2018/08/20 8:0 p.m.171 views

CVE-2018-1000225

CVE-2018-1000225 is an XSS vulnerability in Cobbler’s web interface (cobbler-web) that can escalate privileges to admin. Technical details in the sources indicate the issue affects Cobbler versions at least as early as 2.0.0+ and is present in 2.6.11+ according to the description. The exploit pat...

6.1CVSS7.5AI score0.01262EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder