Lucene search

Veracode Vulnerability DatabaseVERACODE:6222

HistoryMay 02, 2018 - 5:32 a.m.

Privilege Escalation

2018-05-0205:32:24

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

EPSS

0.008

Percentile

81.9%

JSON

libglusterfs.so is vulnerable to privilege escalation. A malicious user can use an unauthenticated gluster client to connect and mount arbitrary gluster storage volumes that can escalate privileges through a scheduled cronjob.

References

lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html

access.redhat.com/articles/3414511

access.redhat.com/errata/RHSA-2018:1136

access.redhat.com/errata/RHSA-2018:1137

access.redhat.com/errata/RHSA-2018:1275

access.redhat.com/errata/RHSA-2018:1524

access.redhat.com/security/cve/CVE-2018-1088

bugzilla.redhat.com/show_bug.cgi?id=1558721

github.com/gluster/glusterfs/commit/961883e065f80125e5db648e7c214677b2390736

lists.debian.org/debian-lts-announce/2021/11/msg00000.html

security.gentoo.org/glsa/201904-06

EPSS

0.008

Percentile

81.9%

JSON

Related for VERACODE:6222