vulnerability
Red Hat: CVE-2018-10923: Important: Red Hat Gluster Storage security, bug fix, and enhancement update (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
6 | (AV:N/AC:L/Au:S/C:P/I:P/A:N) | Sep 4, 2018 | Sep 5, 2018 | Mar 3, 2021 |
Severity
6
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:N)
Published
Sep 4, 2018
Added
Sep 5, 2018
Modified
Mar 3, 2021
Description
It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node.
Solution
redhat-upgrade-glusterfs-server

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.