Vulnerability CVE-2018-10931


Published: 2018-08-09

Description:
It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon.

 References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10931

Copyright 2018, cxsecurity.com

 

Back to Top