CVE-2021-40323
Description
Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
93.171
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-40323,CVE-2021-40324,CVE-2021-40325 are fixed in Python-cobbler 3.3.0 | Windows |
| Vulnerabilities CVE-2021-40323,CVE-2021-40324,CVE-2021-40325 are fixed in Python-cobbler for linux 3.3.0 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234