2 matches found
CVE-2018-1127
CVE-2018-1127 affects Tendrl API in Red Hat Gluster Storage prior to 3.4.0, where session tokens are not immediately invalidated on logout and remain usable for a short window. This allows an attacker who captured tokens (e.g., via sniffing/MITM) to replay them and authenticate as the target user...
RHEL 7 : RHGS WA (RHSA-2018:2616)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2616 advisory. Red Hat Gluster Storage Web Administration includes a fully automated setup based on Ansible and provides deep metrics and insights into active Glust...