CVE-2018-10865

It was discovered that the /configuration view of redhat-certification 7 does not perform an authorization check and it allows an unauthenticated user to call a "restart" RPC method on any host accessible by the system, even if not belonging to him.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:certification:7.0:*:*:*:*:*:*:*

Information

Published : 2021-05-26 12:15

Updated : 2023-02-10 09:51


NVD link : CVE-2018-10865

Mitre link : CVE-2018-10865


JSON object : View

CWE
CWE-862

Missing Authorization

Advertisement

dedicated server usa

Products Affected

redhat

  • certification