vulnerability
SUSE: CVE-2018-1088: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Apr 18, 2018 | Jan 21, 2020 | Oct 22, 2021 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Apr 18, 2018
Added
Jan 21, 2020
Modified
Oct 22, 2021
Description
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.
Solutions
suse-upgrade-glusterfssuse-upgrade-glusterfs-develsuse-upgrade-libgfapi0suse-upgrade-libgfchangelog0suse-upgrade-libgfdb0suse-upgrade-libgfrpc0suse-upgrade-libgfxdr0suse-upgrade-libglusterfs0suse-upgrade-python-gluster
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.