CVE-2018-1000226

Aliases:GHSA-f88q-22g8-frcg
Advisory lineage Upstream: 0 Downstream: 9
Modified
Published: 20 Aug 2018, 20:00
Last modified:05 Aug 2024, 12:40

Vulnerability Summary

Overall Risk (default)
high
70/100
CVSS Score
9.8 CRITICAL
v3.0 (nvd)
EPSS Score
60.01% CRITICAL
60% probability -1.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

20 Aug 2018, 20:00
Published
Vulnerability first disclosed
05 Aug 2024, 12:40
Last Modified
Vulnerability information updated

Description

Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API (/cobbler_api) that can result in Privilege escalation, data manipulation or exfiltration, LDAP credential harvesting. This attack appear to be exploitable via "network connectivity". Taking advantage of improper validation of security tokens in API endpoints. Please note this is a different issue than CVE-2018-10931.

CVSS Metrics

  • v3.0CRITICALScore: 9.8CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • v2.0HIGHScore: 7.5AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS Trends

Current EPSS score: 60.01% Percentile: 98%

Techniques & Countermeasures

  • CWE-732Incorrect Permission Assignment for Critical Resource

    The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

Affected Systems

  • cobblerdcobbler

    ≥ 2.0.0

  • PyPIcobbler

    < 3.0.0

References (5)