#VU12150 Symlink attack in Red Hat Gluster Storage Server for On-premise - CVE-2018-1088
Published: April 25, 2018
Vulnerability identifier: #VU12150
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2018-1088
CWE-ID: CWE-61
Exploitation vector: Adjecent network
Exploit availability:
Public exploit is available
Vulnerable software:
Red Hat Gluster Storage Server for On-premise
Red Hat Gluster Storage Server for On-premise
Software vendor:
Red Hat Inc.
Red Hat Inc.
Description
The vulnerability allows an adjacent unauthenticated attacker to gain elevated privileges on the target system.
The weakness exists in the snapshot scheduler due to improper security restrictions during the mounting of gluster volumes. An adjacent attacker can access a gluster node, perform symbolic link attack that is designed to schedule malicious cronjobs and gain root privileges.
The weakness exists in the snapshot scheduler due to improper security restrictions during the mounting of gluster volumes. An adjacent attacker can access a gluster node, perform symbolic link attack that is designed to schedule malicious cronjobs and gain root privileges.
Remediation
Install update from vendor's website.