7 matches found
Cobbler < 3.3.1 Multiple Vulnerabilities
Cobbler is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-45083
An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of those files contain some sensitive information that can be exposed to a local user who has non-privileged access to the server. The users.digest file contains the sha2-512 digest of users in a Cobble...
CVE-2021-45083
CVE-2021-45083 affects Cobbler prior to 3.3.1. Files under /etc/cobbler are world-readable, exposing sensitive data (e.g., users.digest with SHA2-512 hashes and plaintext potential for weak passwords; settings.yaml with secrets). Local, non-privileged users could access these files to infer crede...
SUSE: Security Advisory (SUSE-SU-2022:14891-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:0510-1 Security update for cobbler
This update for cobbler fixes the following issues: - CVE-2021-45083: Fixed unsafe permissions on sensitive files bsc1193671. - CVE-2021-45082: Fixed incomplete template sanitation bsc1193678. The following non-security bugs were fixed: - Fix issues with installation module logging and validation...
SUSE-SU-2022:14891-1 Security update for cobbler
This update for cobbler fixes the following issues: - CVE-2021-45083: Fixed unsafe permissions on sensitive files bsc1193671. The following non-security bugs were fixed: - Move configuration files ownership to apache bsc1195906...
SUSE-SU-2022:0507-1 Security update for cobbler
This update for cobbler fixes the following issues: - CVE-2021-45083: Fixed unsafe permissions on sensitive files bsc1193671. The following non-security bugs were fixed: - Move configuration files ownership to apache bsc1195906...