Michael Dehaan Cobbler — known CVE vulnerabilities
Every CVE whose affected-product data names Michael Dehaan Cobbler, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2008-6954 — CVSS 9.0 (critical): The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote authenticated users to execute arbitrary Python code in cobblerd by…
CVE-2010-2235 — CVSS 8.5 (high): template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other products, does not disable the ability of…
CVE-2009-5021 — CVSS 7.5 (high): Cobbler before 1.6.1 does not properly determine whether an installation has the default password, which makes it easier for attackers to…
CVE-2012-2395 — CVSS 7.5 (high): Incomplete blacklist vulnerability in action_power.py in Cobbler 2.2.0 allows remote attackers to execute arbitrary commands via shell…
CVE-2010-4512 — CVSS 7.2 (high): Cobbler before 2.0.4 uses an incorrect umask value, which allows local users to have an unspecified impact by leveraging world writable…