vulnerability
Huawei EulerOS: CVE-2018-10841: glusterfs security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:P/I:P/A:P) | Jun 20, 2018 | Aug 10, 2018 | Aug 13, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Published
Jun 20, 2018
Added
Aug 10, 2018
Modified
Aug 13, 2025
Description
glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes.
Solutions
huawei-euleros-2_0_sp3-upgrade-glusterfshuawei-euleros-2_0_sp3-upgrade-glusterfs-apihuawei-euleros-2_0_sp3-upgrade-glusterfs-client-xlatorshuawei-euleros-2_0_sp3-upgrade-glusterfs-fusehuawei-euleros-2_0_sp3-upgrade-glusterfs-libshuawei-euleros-2_0_sp3-upgrade-glusterfs-rdma
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.