Red Hat · Glusterfs · CVE-2018-10841
**Name of the Vulnerable Software and Affected Versions**
glusterfs (affected versions not specified)
**Description**
The issue allows for privilege escalation on gluster server nodes. An authenticated gluster client using TLS can exploit this by utilizing the gluster cli with the `--remote-host` command. This enables the client to add itself to the trusted storage pool and perform privileged gluster operations, including adding other machines to the trusted storage pool, as well as starting, stopping, and deleting volumes.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.