PT-2017-13871 · Red Hat · Heketi
Published: 2017-12-18 · Updated: 2024-06-04 · CVE-2017-15103
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Heketi version 5
Description
A security flaw was discovered in the Heketi server API, allowing an authenticated user to send specially crafted requests, potentially leading to remote command execution as the user running the Heketi server and possibly privilege escalation.
Recommendations
For Heketi version 5, consider restricting access to the API until a fix is available, and avoid using the API for sensitive operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OS Command Injection
RCE
Code Injection
Related Identifiers
Affected Products
Heketi