CVE-2018-10928

Current Description

A flaw was found in the handling of the gfs3_symlink_req RPC request in the glusterfs server, which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes.

Referenced by CVEs: CVE-2018-14651

Basic Data

Published: September 04, 2018
Last Modified: April 02, 2019
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-59
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: LOW
CVSS 2 - Authentication: SINGLE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Integrity Impact: PARTIAL
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 6.5
Severity: MEDIUM
Exploitability Score: 8.0
Impact Score: 6.4
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

CVSS 3 - Version: 3.0
CVSS 3 - Vector String: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 3 - Attack Vector: NETWORK
CVSS 3 - Attack Complexity: LOW
CVSS 3 - Privileges Required: LOW
CVSS 3 - User Interaction: NONE
CVSS 3 - Scope: UNCHANGED
CVSS 3 - Confidentiality Impact: HIGH
CVSS 3 - Integrity Impact: HIGH
CVSS 3 - Availability Impact: HIGH
CVSS 3 - Base Score: 8.8
CVSS 3 - Base Severity: HIGH
Exploitability Score: 2.8

Configurations

All CPE entries below are CPE version 2.3; the Update, Edition, Language, SW Edition, Target SW, Target HW and Other fields are "*" (any) for every row and are omitted.

  • OR - Configuration 1
    Part | Vendor | Product                 | Version | Version range (start, end)
    OS   | Debian | Debian Linux            | 8.0     | -
    OS   | Redhat | Enterprise Linux        | 6.0     | -
    OS   | Redhat | Enterprise Linux        | 7.0     | -
    OS   | Redhat | Enterprise Linux Server | 6.0     | -
    OS   | Redhat | Enterprise Linux Server | 7.0     | -
  • OR - Configuration 2
    Part        | Vendor  | Product   | Version | Version range (start, end)
    Application | Gluster | Glusterfs | *       | 3.12 to 3.12.14
    Application | Gluster | Glusterfs | *       | 4.1 to 4.1.4
  • OR - Configuration 3
    Part        | Vendor | Product             | Version | Version range (start, end)
    Application | Redhat | Gluster Storage     | 3.0     | -
    Application | Redhat | Virtualization Host | 4.0     | -
    OS          | Redhat | Virtualization      | 4.0     | -

Vulnerable Software List

Vendor  | Product                 | Versions
Debian  | Debian Linux            | 8.0
Gluster | Glusterfs               | *
Redhat  | Enterprise Linux        | 6.0, 7.0
Redhat  | Virtualization Host     | 4.0
Redhat  | Gluster Storage         | 3.0
Redhat  | Virtualization          | 4.0
Redhat  | Enterprise Linux Server | 6.0, 7.0

References

Name: openSUSE-SU-2020:0079
  Source: SUSE
  URL: http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html

Name: RHSA-2018:2607
  Source: REDHAT
  URL: https://access.redhat.com/errata/RHSA-2018:2607
  Tags: Third Party Advisory

Name: RHSA-2018:2608
  Source: REDHAT
  URL: https://access.redhat.com/errata/RHSA-2018:2608
  Tags: Third Party Advisory

Name: RHSA-2018:3470
  Source: REDHAT
  URL: https://access.redhat.com/errata/RHSA-2018:3470
  Tags: Third Party Advisory

Name: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10928
  Source: CONFIRM
  URL: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10928
  Tags: Issue Tracking, Patch, Third Party Advisory

Name: [debian-lts-announce] 20180920 [SECURITY] [DLA 1510-1] glusterfs security update
  Source: MLIST
  URL: https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html
  Tags: Mailing List, Third Party Advisory

Name: GLSA-201904-06
  Source: GENTOO
  URL: https://security.gentoo.org/glsa/201904-06