2 matches found
cobbler elevation of privilege vulnerability
Cobbler is a Linux installation server that allows you to quickly set up a network installation environment. An elevation of privilege vulnerability exists in cobbler 2.6.x. The vulnerability stems from the fact that cobbler exposes all functions of the CobblerXMLRPCInterface class via XMLRPC. A...
CVE-2018-10931
An API-exposure flaw was found in cobbler, where it exported CobblerXMLRPCInterface private functions over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain important privileges within cobbler, as well as upload files to an arbitrary location in the daemon context. Mitigation...