Oval Definition:	oval:org.opensuse.security:def:201810931
Revision Date: 2022-06-30 Version: 1 Title: CVE-2018-10931 Description: It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-10931 SUSE-SU-2018:2550-1 SUSE-SU-2018:2551-1 SUSE-SU-2018:2561-1 SUSE-SU-2018:2608-1 openSUSE-SU-2018:2590-1 Mitre CVE-2018-10931 SUSE CVE-2018-10931 SUSE-SU-2018:2550-1 SUSE-SU-2018:2551-1 SUSE-SU-2018:2561-1 SUSE-SU-2018:2608-1 openSUSE-SU-2018:2590-1 openSUSE-SU-2021:0046-1 openSUSE-SU-2021:0058-1 Platform(s): openSUSE Leap 15.2 openSUSE Leap 42.3 openSUSE Tumbleweed SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP3-CLIENT-TOOLS SUSE Linux Enterprise Server for SAP Applications 11 SP4-CLIENT-TOOLS SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE Package Hub for SUSE Linux Enterprise 15 SP2 Product(s): Definition Synopsis SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS is installed AND Package Information cobbler-2.2.2-0.68.6 is installed OR koan-2.2.2-0.68.6 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND cobbler-2.6.6-49.14.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS is installed OR SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-CLIENT-TOOLS is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4-CLIENT-TOOLS is installed AND Package Information cobbler-2.2.2-0.68.6 is installed OR koan-2.2.2-0.68.6 is installed Definition Synopsis openSUSE Leap 42.3 is installed AND Package Information cobbler-2.6.6-17 is installed AND cobbler is signed with openSUSE key OR cobbler-tests-2.6.6-17 is installed AND cobbler-tests is signed with openSUSE key OR cobbler-web-2.6.6-17 is installed AND cobbler-web is signed with openSUSE key OR koan-2.6.6-17 is installed AND koan is signed with openSUSE key Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information cobbler-3.1.2-lp152.6.3.1 is installed AND cobbler is signed with openSUSE key OR cobbler-tests-3.1.2-lp152.6.3.1 is installed AND cobbler-tests is signed with openSUSE key OR cobbler-web-3.1.2-lp152.6.3.1 is installed AND cobbler-web is signed with openSUSE key Definition Synopsis openSUSE Tumbleweed is installed AND Package Information cobbler-3.2.1.336+git.5639a3af-1.1 is installed OR cobbler-tests-3.2.1.336+git.5639a3af-1.1 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed AND Package Information cobbler-3.1.2-bp152.4.3.1 is installed OR cobbler-tests-3.1.2-bp152.4.3.1 is installed OR cobbler-web-3.1.2-bp152.4.3.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS is installed OR SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS is installed AND koan-2.2.2-0.68.6.1 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND cobbler is affected
BACK