vulnerability
Ubuntu: USN-6475-1 (CVE-2021-40323): Cobbler vulnerabilities
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Oct 4, 2021 | Nov 16, 2023 | Nov 15, 2024 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Oct 4, 2021
Added
Nov 16, 2023
Modified
Nov 15, 2024
Description
Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.
Solution(s)
ubuntu-pro-upgrade-cobblerubuntu-pro-upgrade-cobbler-commonubuntu-pro-upgrade-cobbler-webubuntu-pro-upgrade-koanubuntu-pro-upgrade-python-cobblerubuntu-pro-upgrade-python-koan

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.