Symlink attack in Red Hat Gluster Storage Server for On-premise - CVE-2018-1088
Published: April 25, 2018
Vulnerability identifier: #VU12150
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2018-1088
CWE-ID: CWE-61
Exploitation vector: Adjecent network
Exploit availability:
Public exploit is available
Vendor: Red Hat Inc.
Affected software:
Red Hat Gluster Storage Server for On-premise
Red Hat Gluster Storage Server for On-premise
Detailed vulnerability description
The vulnerability allows an adjacent unauthenticated attacker to gain elevated privileges on the target system.
The weakness exists in the snapshot scheduler due to improper security restrictions during the mounting of gluster volumes. An adjacent attacker can access a gluster node, perform symbolic link attack that is designed to schedule malicious cronjobs and gain root privileges.
The weakness exists in the snapshot scheduler due to improper security restrictions during the mounting of gluster volumes. An adjacent attacker can access a gluster node, perform symbolic link attack that is designed to schedule malicious cronjobs and gain root privileges.
How to mitigate CVE-2018-1088
Install update from vendor's website.