5 matches found
CLSA-2026-1777566732 Fix CVE(s): CVE-2018-10841
SECURITY UPDATE: privilege escalation on glusterd nodes via the CLI RPC program being exposed on the TCP listener when management-plane SSL is enabled, allowing a TLS-authenticated client outside the trusted storage pool to issue privileged volume-management commands via gluster --remote-host -...
Privilege Escalation
glusterfs.so is vulnerable to privilege escalation. A malicious user can authenticate through TLS using the gluster CLI with the --remote-host command to add themselves to the trusted pool and gain the same permissions...
Privilege Escalation
glusterfs.so is vulnerable to privilege escalation. A malicious user can authenticate through TLS using the gluster CLI with the --remote-host command to add themselves to the trusted pool and gain the same permissions...
UBUNTU-CVE-2018-10841
glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool,...
glusterfs: access trusted peer group via remote-host command
A flaw was found in glusterfs which can lead to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to...