CVE-2018-1000226

Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API (/cobbler_api) that can result in Privilege escalation, data manipulation or exfiltration, LDAP credential harvesting. This attack appear to be exploitable via "network connectivity". Taking advantage of improper validation of security tokens in API endpoints. Please note this is a different issue than CVE-2018-10931.

Published: Aug 20, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-1000226
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-732

Affected Software
References

Software	From	Fixed in
cobblerd / cobbler	2.0.0	2.0.0.x

https://github.com/cobbler/cobbler/issues/1916
https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/

Vulnerability Database

289,697

CVE-2018-1000226