Описание
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needed |
| cosmic | not-affected | 4.0.2-1 |
| devel | not-affected | 4.0.2-1 |
| disco | not-affected | 4.0.2-1 |
| eoan | not-affected | 4.0.2-1 |
| esm-apps/bionic | not-affected | 3.13.2-1ubuntu1+esm1 |
| esm-apps/focal | not-affected | 4.0.2-1 |
| esm-apps/xenial | not-affected | 3.7.6-1ubuntu1+esm1 |
| esm-infra-legacy/trusty | not-affected | code not present |
Показывать по
7.5 High
CVSS2
8 High
CVSS3
Связанные уязвимости
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when usi ...
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
7.5 High
CVSS2
8 High
CVSS3