#VU13886 Privilege escalation in GlusterFS - CVE-2018-10841

Cybersecurity Help s.r.o.

Published: 2018-07-16 | Updated: 2018-07-16

Vulnerability identifier: #VU13886

Vulnerability risk: Low

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-10841

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
GlusterFS
Server applications / File servers (FTP/HTTP)

Vendor: Gluster Inc.

Description

The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.

The vulnerability exists due to boundary error when XXXXX. A remote authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes.

Mitigation
Install update from vendor's website.

Vulnerable software versions

GlusterFS: 3.10.0 - 4.0.2

External links
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10841

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Fedora 28 update for glusterfs

Red Hat update for glusterfs

Privilege escalation in GlusterFS