Vulnerability Database

Published: Oct 4, 2021
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-40323" target="_blank" rel="noopener"> CVE-2021-40323
GHSA: <a href="https://github.com/advisories/GHSA-cpqf-3c3r-c9g2" target="_blank" rel="noopener"> GHSA-cpqf-3c3r-c9g2
Severity: Critical
Exploit:

296,720

Total vulnerabilities in the database

Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.

CVSS v3:

CVSS v2:

CWEs:

Software	From	Fixed in
cobbler_project / cobbler	-	3.3.0.x
cobbler	-	3.3.0

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.