CVE-2018-1088

HIGH

Redhat Gluster Storage < 3.13.2 - Incorrect Privilege Assignment


Description

A privilege escalation flaw was found in the gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount the shared gluster storage volume and escalate privileges by scheduling a malicious cron job via a symlink.

Exploits (1)

nomisec - working PoC (10 stars), by MauroEldritch: https://github.com/MauroEldritch/GEVAUDAN

References (8)

Vendor Advisory (Red Hat): https://access.redhat.com/errata/RHSA-2018:1137
Vendor Advisory (Red Hat): https://access.redhat.com/errata/RHSA-2018:1275
Vendor Advisory (Red Hat): https://access.redhat.com/errata/RHSA-2018:1524
Issue Tracking, Patch, Vendor Advisory (Red Hat Bugzilla): https://bugzilla.redhat.com/show_bug.cgi?id=1558721
Vendor Advisory (Red Hat): https://access.redhat.com/errata/RHSA-2018:1136
Third Party Advisory (Gentoo): https://security.gentoo.org/glsa/201904-06
Mailing List, Third Party Advisory (openSUSE): http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html
Mailing List, Third Party Advisory (Debian LTS): https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html

Scores

CVSS v3 8.1
EPSS 0.1078
EPSS Percentile 93.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-266
Status published
Products (7)
debian/debian_linux 9.0
opensuse/leap 15.1
redhat/enterprise_linux_server 6.0
redhat/enterprise_linux_server 7.0
redhat/gluster_storage 3.0 - 3.13.2
redhat/virtualization 4.0
redhat/virtualization_host 4.0
Published Apr 18, 2018
Tracked Since Feb 18, 2026