CyberSec.Space Logo
Back to CVE Browser

CVE-2018-1000226

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1320%
EPSS Percentile39.95th
PublishedAug 20, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API (/cobbler_api) that can result in Privilege escalation, data manipulation or exfiltration, LDAP credential harvesting. This attack appear to be exploitable via "network connectivity". Taking advantage of improper validation of security tokens in API endpoints. Please note this is a different issue than CVE-2018-10931.

Affected Platforms (CPE)

πŸ“¦
Cobblerd

Cobbler

>= 2.0.0

References & Advisories

πŸ”— https://github.com/cobbler/cobbler/issues/1916
πŸ”— https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/
πŸ”— https://github.com/cobbler/cobbler/issues/1916
πŸ”— https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/

Related Vulnerabilities

CVE-2017-10004699.8

Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary ...

CVE-2018-109319.8

It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated...

CVE-2021-403239.8

Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for ...

CVE-2008-69549.0

The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote authenticated users to execute arbitrary Python code in cobbl...