Privilege escalation in GlusterFS
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-10841 |
| CWE-ID | CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
GlusterFS Server applications / File servers (FTP/HTTP) |
| Vendor | Gluster Inc. |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Privilege escalation
EUVDB-ID: #VU13886
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-10841
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.
The vulnerability exists due to boundary error when XXXXX. A remote authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes.
MitigationInstall update from vendor's website.
GlusterFS: 3.10.0 - 4.0.2
CPE2.3- cpe:2.3:a:gluster:glusterfs:3.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:gluster:glusterfs:3.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:gluster:glusterfs:3.10.2:*:*:*:*:*:*:*
http://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10841
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
