Опубликовано: 04 окт. 2021
Источник: ubuntu
Приоритет: high
EPSS Критический
CVSS2: 7.5
CVSS3: 9.8
Описание
Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/xenial | released | 2.4.1-0ubuntu2+esm1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
Показывать по
10
EPSS
Процентиль: 100%
0.93171
Критический
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.1
redhat
больше 4 лет назад
Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.
CVSS3: 9.8
nvd
больше 4 лет назад
Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.
CVSS3: 9.8
debian
больше 4 лет назад
Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code E ...
EPSS
Процентиль: 100%
0.93171
Критический
7.5 High
CVSS2
9.8 Critical
CVSS3