CVE-2018-1000226
high-risk
Published 2018-08-20
Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API (/cobbler_api) that can result in Privilege escalation, data manipulation or exfiltration, LDAP credential harvesting. This attack appear to be exploitable via "network connectivity". Taking advantage of improper validation of security tokens in API endpoints. Please note this is a different issue than CVE-2018-10931.
Do I need to act?
!
60.0% chance of exploitation in next 30 days
EPSS score — higher than 40% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (1)
Cobbler
Affected Vendors
References (4)
Issue Tracking
https://github.com/cobbler/cobbler/issues/1916
Third Party Advisory
https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/
Issue Tracking
https://github.com/cobbler/cobbler/issues/1916
Third Party Advisory
https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/
55
/ 100
high-risk
Severity
32/34 · Critical
Exploitability
18/34 · Moderate
Exposure
5/34 · Minimal