CVE Vulnerabilities

CVE-2021-40325

Published: Oct 04, 2021 | Modified: Aug 08, 2023

CVSS 3.x

7.5

HIGH

Source:

NVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS 2.x

5 MEDIUM

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-40325
CWE	https://cwe.mitre.org/data/definitions/.html

Cobbler before 3.3.0 allows authorization bypass for modification of settings.

Affected Software

Name	Vendor	Start Version	End Version
Cobbler	Cobbler_project	*	3.3.0 (including)

References

https://github.com/cobbler/cobbler/commit/d8f60bbf14a838c8c8a1dba98086b223e35fe70a
https://github.com/cobbler/cobbler/releases/tag/v3.3.0

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.