It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gluster_storage | Redhat | 3.3 (including) | 3.3 (including) |
Red Hat Gluster Storage 3.3 for RHEL 6 | RedHat | samba-0:4.6.3-8.el6rhs | * |