usn-6475-1
Vulnerability from osv_ubuntu
Published
2023-11-13 15:04
Modified
2026-06-25 10:46
Summary
cobbler vulnerabilities
Details

It was discovered that Cobbler did not properly handle user input, which could result in an absolute path traversal. An attacker could possibly use this issue to read arbitrary files. (CVE-2014-3225)

It was discovered that Cobbler did not properly handle user input, which could result in command injection. An attacker could possibly use this issue to execute arbitrary code with high privileges. (CVE-2017-1000469, CVE-2021-45082)

It was discovered that Cobbler did not properly hide private functions in a class. A remote attacker could possibly use this issue to gain high privileges and upload files to an arbitrary location. (CVE-2018-10931, CVE-2018-1000225, CVE-2018-1000226)

Nicolas Chatelain discovered that Cobbler did not properly handle user input, which could result in log poisoning. A remote attacker could possibly use this issue to bypass authorization, write in an arbitrary file, or execute arbitrary code. (CVE-2021-40323, CVE-2021-40324, CVE-2021-40325)

It was discovered that Cobbler did not properly handle file permissions during package install or update operations. An attacker could possibly use this issue to perform a privilege escalation attack. (CVE-2021-45083)

It was discovered that Cobbler did not properly process credentials for expired accounts. An attacker could possibly use this issue to login to the platform with an expired account or password. (CVE-2022-0860)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2014-3225",
              "severity": [
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-1000469",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-10931",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-1000225",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-1000226",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-40323",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-40324",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-40325",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-45082",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-45083",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-0860",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "cobbler",
            "binary_version": "2.4.1-0ubuntu2+esm1"
          },
          {
            "binary_name": "cobbler-common",
            "binary_version": "2.4.1-0ubuntu2+esm1"
          },
          {
            "binary_name": "cobbler-web",
            "binary_version": "2.4.1-0ubuntu2+esm1"
          },
          {
            "binary_name": "koan",
            "binary_version": "2.4.1-0ubuntu2+esm1"
          },
          {
            "binary_name": "python-cobbler",
            "binary_version": "2.4.1-0ubuntu2+esm1"
          },
          {
            "binary_name": "python-koan",
            "binary_version": "2.4.1-0ubuntu2+esm1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:16.04:LTS",
        "name": "cobbler",
        "purl": "pkg:deb/ubuntu/cobbler@2.4.1-0ubuntu2+esm1?arch=source\u0026distro=esm-apps/xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.1-0ubuntu2+esm1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.4.1-0ubuntu2"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that Cobbler did not properly handle user input, which\ncould result in an absolute path traversal. An attacker could possibly \nuse this issue to read arbitrary files. (CVE-2014-3225)\n\nIt was discovered that Cobbler did not properly handle user input, which\ncould result in command injection. An attacker could possibly use this \nissue to execute arbitrary code with high privileges. \n(CVE-2017-1000469, CVE-2021-45082)\n\nIt was discovered that Cobbler did not properly hide private functions in\na class. A remote attacker could possibly use this issue to gain high \nprivileges and upload files to an arbitrary location. \n(CVE-2018-10931, CVE-2018-1000225, CVE-2018-1000226)\n\nNicolas Chatelain discovered that Cobbler did not properly handle user \ninput, which could result in log poisoning. A remote attacker could \npossibly use this issue to bypass authorization, write in an arbitrary \nfile, or execute arbitrary code. \n(CVE-2021-40323, CVE-2021-40324, CVE-2021-40325)\n\nIt was discovered that Cobbler did not properly handle file permissions \nduring package install or update operations. An attacker could possibly \nuse this issue to perform a privilege escalation attack. (CVE-2021-45083)\n\nIt was discovered that Cobbler did not properly process credentials for \nexpired accounts. An attacker could possibly use this issue to login to \nthe platform with an expired account or password. (CVE-2022-0860)\n",
  "id": "USN-6475-1",
  "modified": "2026-06-25T10:46:17Z",
  "published": "2023-11-13T15:04:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-6475-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2014-3225"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-1000469"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-10931"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-1000225"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-1000226"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-40323"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-40324"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-40325"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-45082"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-45083"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-0860"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "cobbler vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2014-3225",
    "UBUNTU-CVE-2017-1000469",
    "UBUNTU-CVE-2018-10931",
    "UBUNTU-CVE-2018-1000225",
    "UBUNTU-CVE-2018-1000226",
    "UBUNTU-CVE-2021-40323",
    "UBUNTU-CVE-2021-40324",
    "UBUNTU-CVE-2021-40325",
    "UBUNTU-CVE-2021-45082",
    "UBUNTU-CVE-2021-45083",
    "UBUNTU-CVE-2022-0860"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…