Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-14651

Опубликовано: 31 окт. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.5
CVSS3: 8.8

Описание

It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes via symlinks to relative paths.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

not-affected

4.1.4-1
disco

not-affected

4.1.4-1
eoan

not-affected

4.1.4-1
esm-apps/bionic

released

3.13.2-1ubuntu1+esm1
esm-apps/focal

not-affected

4.1.4-1
esm-apps/xenial

released

3.7.6-1ubuntu1+esm1
esm-infra-legacy/trusty

released

3.4.2-1ubuntu1+esm1
focal

not-affected

4.1.4-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 88%
0.03706
Низкий

6.5 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-14651

CVSS3: 8.8
redhat
больше 7 лет назад

It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes via symlinks to relative paths.

nvd логотип

CVE-2018-14651

CVSS3: 8.8
nvd
больше 7 лет назад

It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes via symlinks to relative paths.

debian логотип

CVE-2018-14651

CVSS3: 8.8
debian
больше 7 лет назад

It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018 ...

github логотип

GHSA-p7qq-cq4p-g2h3

CVSS3: 8.8
github
больше 3 лет назад

It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes via symlinks to relative paths.

fstec логотип

BDU:2023-05466

CVSS3: 8.8
fstec
больше 7 лет назад

Уязвимость файловой системы GlusterFS, связанная с некорректным определением ссылки перед доступом к файлу, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

EPSS

Процентиль: 88%
0.03706
Низкий

6.5 Medium

CVSS2

8.8 High

CVSS3