PT-2018-9393 · Cobbler+2 · Cobbler+2

Michael Overmeyer

Published

2018-08-20

Updated

2024-06-15

CVE-2018-1000226

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cobbler versions 2.0.0 through 2.6.11+

Description The issue concerns an Incorrect Access Control vulnerability in the XMLRPC API, specifically at the /cobbler api endpoint. This can lead to privilege escalation, data manipulation or exfiltration, and LDAP credential harvesting. The vulnerability is exploitable via network connectivity and is a result of improper validation of security tokens in API endpoints.

Recommendations For Cobbler versions 2.0.0 through 2.6.11+, consider restricting access to the /cobbler api endpoint until a patch is available. As a temporary workaround, review and strengthen the validation of security tokens in API endpoints to minimize the risk of exploitation.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2018-1000226

GHSA-F88Q-22G8-FRCG

OPENSUSE-SU-2018_2590-1

OPENSUSE-SU-2021:0046-1

OPENSUSE-SU-2021:0058-1

OPENSUSE-SU-2021_0046-1

OPENSUSE-SU-2024:10690-1

SUSE-RU-2018:2639-1

SUSE-SU-2018:2551-1

SUSE-SU-2018:2561-1

SUSE-SU-2018:2608-1

USN-6475-1

Affected Products

Cobbler

Suse

Ubuntu

PT-2018-9393 · Cobbler+2 · Cobbler+2

CVE-2018-1000226

Weakness Enumeration

Related Identifiers

Affected Products

References · 108