vulnerability

CentOS Linux: CVE-2018-10841: Important: glusterfs security update (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:P/I:P/A:P)	Jun 20, 2018	Aug 28, 2019	May 25, 2023

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

Jun 20, 2018

Added

Aug 28, 2019

Modified

May 25, 2023

Description

glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes.

Solution

centos-upgrade-glusterfs-server

References

NVD-CVE-2018-10841
REDHAT-RHSA-2018:1954
REDHAT-RHSA-2018:1955

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today