CVE-2018-10931

It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon.
Configurations

Configuration 1

cpe:2.3:a:cobbler_project:cobbler:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*

Information

Published : 2018-08-09 08:29

Updated : 2023-02-12 11:31


NVD link : CVE-2018-10931

Mitre link : CVE-2018-10931

Products Affected
No products.
CWE