Cobbler Security Vulnerabilities and Issues — Cobbler CVE List | Vulners.com

Lucene search

K

Cobbler ProjectCobbler

3 matches found

CVE•added 2021/10/04 6:15 a.m.•122 views

CVE-2021-40323

Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.

9.8CVSS9.6AI score0.93927EPSS

CVE•added 2021/10/04 6:15 a.m.•106 views

CVE-2021-40325

Cobbler before 3.3.0 allows authorization bypass for modification of settings.

7.5CVSS8.4AI score0.00025EPSS

CVE•added 2021/10/04 6:15 a.m.•99 views

CVE-2021-40324

Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.

7.5CVSS8.5AI score0.03531EPSS