Lucene search
+L

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2018-1000226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable...

9.8CVSS8.1AI score0.12484EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.43 views

RHEL 8 : cobbler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cobbler: XMLRPC API endpoints are not correctly validating security tokens CVE-2018-1000226 - Cobbler...

9.8CVSS7.7AI score0.12484EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.27 views

RHEL 8 : cobbler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cobbler: XMLRPC API endpoints are not correctly validating security tokens CVE-2018-1000226 - Cobbler...

8.6AI score0.12484EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.34 views

Fedora 29 : cobbler (2018-22c609e92a)

Fix empty man pages ---- - Revert bindmanageipmi feature that is broken on 2.8 - Use pathfix.py to fix python shebangs ---- - Update to 2.8.4 Fixes BZ 1613292, 1643860, 1614433, CVE-2018-1000226, CVE-2018-10931 - Make koan require python2-ethtool BZ 1638933 Note that Tenable Network Security has...

9.8CVSS8.1AI score0.6786EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.36 views

Fedora 28 : cobbler (2018-1d2a79fe1c)

Fix empty man pages ---- - Revert bindmanageipmi feature that is broken on 2.8 - Use pathfix.py to fix python shebangs ---- - Update to 2.8.4 Fixes BZ 1613292, 1643860, 1614433, CVE-2018-1000226, CVE-2018-10931 - Make koan require python2-ethtool BZ 1638933 Note that Tenable Network Security has...

9.8CVSS8.1AI score0.6786EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/09/04 12:0 a.m.31 views

openSUSE: Security Advisory for cobbler (openSUSE-SU-2018:2590-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.1AI score0.6786EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/09/03 3:7 p.m.88 views

Security update for cobbler (important)

This update for cobbler fixes the following issues: Security issues fixed: - Forbid exposure of private methods in the API CVE-2018-10931, CVE-2018-1000225, bsc1104287, bsc1104189, bsc1105442 - Check access token when calling 'modifysetting' API endpoint bsc1104190, bsc1105440, CVE-2018-1000226...

0.6786EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2018/08/20 8:29 p.m.29 views

CVE-2018-1000226

Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API /cobblerapi that can result in Privilege escalation, data manipulation or...

9.8CVSS7.2AI score0.12484EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/08/20 8:0 p.m.57 views

CVE-2018-1000226

Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API /cobblerapi that can result in Privilege escalation, data manipulation or...

9.7AI score0.12484EPSS
Exploits0References2
CVE
CVE
added 2018/08/20 8:0 p.m.205 views

CVE-2018-1000226

CVE-2018-1000226 corresponds to an authentication bypass in Cobbler’s XMLRPC API (/cobbler_api). The connected nuclei template confirms an authentication bypass vulnerability that can enable privilege escalation, data manipulation or exfiltration, and LDAP credential harvesting via network connec...

9.8CVSS9.5AI score0.12484EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder