Fedora 29 update for cobbler
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2018-1000226 CVE-2018-10931 |
| CWE-ID | CWE-264 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
Fedora Operating systems & Components / Operating system cobbler Operating systems & Components / Operating system package or component |
| Vendor | Fedoraproject |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Privilege escalation
EUVDB-ID: #VU14492
Risk: Low
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2018-1000226
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain elevated privileges on the target system.
The vulnerability exists due to improper validation of security tokens by the XMLRPC API endpoints. A remote unauthenticated attacker can perform unauthorized actions on a targeted system, such as gaining elevated privileges, modifying or accessing data, or accessing sensitive information.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 29
cobbler: before 2.8.4-5.fc29
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-2018-22c609e92a
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Privilege escalation
EUVDB-ID: #VU14482
Risk: Low
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-10931
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain elevated privileges on the target system.
The vulnerability exists due to exposure of all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote unauthenticated attacker can gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 29
cobbler: before 2.8.4-5.fc29
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-2018-22c609e92a
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
