Описание
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-1112
- https://access.redhat.com/articles/3422521
- https://access.redhat.com/errata/RHSA-2018:1268
- https://access.redhat.com/errata/RHSA-2018:1269
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1112
- https://review.gluster.org/#/c/19899/1..2
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html
Связанные уязвимости
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when usi ...
