Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-10-04T05:37:50
Updated: 2024-08-04T02:27:31.884Z
Reserved: 2021-08-30T00:00:00
Link: CVE-2021-40323
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-10-04T06:15:07.187
Modified: 2021-10-12T20:25:00.817
Link: CVE-2021-40323
Redhat