Vulnerabilities for Cobbler (...) - CXSECURITY.COM

Vulnerabilities for 'Cobbler'

2022-02-20

CVE-2021-45081

CWE-327

An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol instead of the more secure HTTPS.

CVE-2021-45083

CWE-276

An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of those files contain some sensitive information that can be exposed to a local user who has non-privileged access to the server. The users.digest file contains the sha2-512 digest of users in a Cobbler local installation. In the case of an easy-to-guess password, it's trivial to obtain the plaintext string. The settings.yaml file contains secrets such as the hashed default password.

2021-10-04

CVE-2021-40323

CWE-94

Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.

CVE-2021-40324

CWE-434

Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.

CVE-2021-40325

CWE-863

Cobbler before 3.3.0 allows authorization bypass for modification of settings.

2018-08-22

CVE-2016-9605

CWE-79

A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation.

2018-01-03

CVE-2017-1000469

CWE-20

Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.

2014-10-26

CVE-2011-4953

CWE-20

The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet.

Copyright 2024, cxsecurity.com