SUSE-SU-2021:3151-1

Advisory lineage Upstream: 3 Downstream: 0

Upstream

CVE-2021-40323 CVE-2021-40324 CVE-2021-40325

Published: 20 Sept 2021, 15:21

Last modified:02 May 2025, 04:31

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

20 Sept 2021, 15:21

Published

Vulnerability first disclosed

02 May 2025, 04:31

Last Modified

Vulnerability information updated

Description

Security update for cobbler This update for cobbler fixes the following issues: Security issues fixed: - CVE-2021-40323: Fixed an arbitrary file disclosure/Template Injection (bsc#1189458) - CVE-2021-40324: Fixed an arbitrary file write (bsc#1189458) - CVE-2021-40325: Fixed a problem with the token validation (bsc#1189458) - Please note that with these changes, a valid log data from Anamon (Red Hat Autoinstallation Process) uploaded to cobbler may be rejected

Affected Systems

suse•cobbler&distro=SUSE Manager Server Module 4.1
< 3.0.0+git20190806.32c4bae0-8.22.6.1

SUSE-SU-2021:3151-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)