Main Vulnerability Database Exploits ID:1965 - Exploit for Improper authentication in GlusterFS - CVE-2018-1112

ID:1965 - Exploit for Improper authentication in GlusterFS - CVE-2018-1112

Published: March 18, 2020

Vulnerability identifier: #VU12435

Vulnerability risk: Low

CVE-ID: CVE-2018-1112

CWE-ID: CWE-287

Exploitation vector: Remote access

Vulnerable software:
GlusterFS

Link to public exploit:

https://github.com/MauroEldritch/GEVAUDAN

Vulnerability description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to improper authentication when using 'auth.allow' option. A remote attacker can mount gluster storage volumes.

Remediation

Update to versions 3.10.12 or 4.0.2.

ID:1965 - Exploit for Improper authentication in GlusterFS - CVE-2018-1112

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human