Home CVE Database CVE-2018-1112

CVE-2018-1112

Description

glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using \'auth.allow\' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.

Priority: HIGH
CVSS v3: 8.8
Publish Date: Apr 25, 2018
Related ID: --
CVSS v2: HIGH
Modified Date: Apr 25, 2018

Find out more about CVE-2018-1112 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

glusterfs

Live chat
Online