Описание
Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cobblerd:cobbler:2.4.0:-:*:*:*:*:*:*
cpe:2.3:a:cobblerd:cobbler:2.4.0:1:*:*:*:*:*:*
cpe:2.3:a:cobblerd:cobbler:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:cobblerd:cobbler:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:cobblerd:cobbler:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:cobblerd:cobbler:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:cobblerd:cobbler:2.6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06113
Низкий
4 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
ubuntu
больше 11 лет назад
Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile.
redhat
больше 11 лет назад
Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile.
debian
больше 11 лет назад
Absolute path traversal vulnerability in the web interface in Cobbler ...
EPSS
Процентиль: 91%
0.06113
Низкий
4 Medium
CVSS2
Дефекты
CWE-22