CVE-2022-0860Improper Authorization in Cobbler

CWE-285Improper AuthorizationCWE-863Incorrect Authorization6 documents5 sources
Severity
9.1CRITICALNVD
EPSS
0.7%
top 26.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Cobbler CobblerCobbler Project CobblerFedoraproject Fedora
Timeline
PublishedMar 11
Latest updateNov 13

Description

Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages3 packages

CVEListV5cobbler/cobbler_cobblerunspecified3.3.2
PyPIcobbler_project/cobbler< 3.3.2+1

Also affects: Fedora 34, 35, 36

Patches

Patch: github.comPatch: huntr.devPatch: github.com

🔴Vulnerability Details

4
OSV
Improper Authorization in cobbler2022-03-11
CVEList
Improper Authorization in cobbler/cobbler2022-03-11
OSV
CVE-2022-0860: Improper Authorization in GitHub repository cobbler/cobbler prior to 32022-03-11
GHSA
Improper Authorization in cobbler2022-03-11

📋Vendor Advisories

1
Ubuntu
Cobbler vulnerabilities2023-11-13
CVE-2022-0860 — Improper Authorization in Cobbler | cvebase