Download
| Alert*
|
CVE-2021-40323
Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection. CVE-2021-40325 Cobbler before 3.3.0 allows authorization bypass for modification of settings. CVE-2021-40324 Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data. |
