#VU14482 Privilege escalation in Cobbler - CVE-2018-10931

Cybersecurity Help s.r.o.

Published: 2018-08-20 | Updated: 2018-08-21

Vulnerability identifier: #VU14482

Vulnerability risk: Low

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-10931

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cobbler
Server applications / Other server solutions

Vendor: Cobbler project

Description

The vulnerability allows a remote attacker to gain elevated privileges on the target system.

The vulnerability exists due to exposure of all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote unauthenticated attacker can gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Cobbler: 2.6.0 - 2.6.11

External links
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10931

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

OpenSUSE Linux update for cobbler

Red Hat update for cobbler

Privilege escalation in Cobbler

Red Hat update for cobbler