Critical severity9.8NVD Advisory· Published Jan 3, 2018· Updated Jun 17, 2026
CVE-2017-1000469
CVE-2017-1000469
Description
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
cobblerPyPI | < 3.0.0 | 3.0.0 |
Affected products
29- ghsa-coords29 versionspkg:pypi/cobblerpkg:rpm/opensuse/cobbler&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/cobbler&distro=openSUSE%20Tumbleweedpkg:rpm/suse/cobbler&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/cobbler&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLSpkg:rpm/suse/cobbler&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLSpkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Server%203.0pkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/cobbler&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/cobbler&distro=SUSE%20Package%20Hub%2015%20SP2pkg:rpm/suse/google-gson&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/patterns-suse-manager&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/prometheus-client-java&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/py26-compat-salt&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/salt-netapi-client&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-branding&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-frontend-libs&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-sync-data&distro=SUSE%20Manager%20Server%203.1pkg:rpm/suse/susemanager-tftpsync&distro=SUSE%20Manager%20Server%203.1
< 3.0.0+ 28 more
- (no CPE)range: < 3.0.0
- (no CPE)range: < 3.1.2-lp152.6.3.1
- (no CPE)range: < 3.2.1.336+git.5639a3af-1.1
- (no CPE)range: < 2.6.6-49.9.1
- (no CPE)range: < 2.2.2-0.68.3.1
- (no CPE)range: < 2.2.2-0.68.3.1
- (no CPE)range: < 2.6.6-49.9.1
- (no CPE)range: < 2.6.6-49.9.1
- (no CPE)range: < 2.6.6-5.10.4
- (no CPE)range: < 2.6.6-49.9.1
- (no CPE)range: < 3.1.2-bp152.4.3.1
- (no CPE)range: < 2.8.2-3.3.6
- (no CPE)range: < 3.1-3.3.2
- (no CPE)range: < 0.3.0-1.3.5
- (no CPE)range: < 2016.11.4-1.7.2
- (no CPE)range: < 0.14.0-3.9.5
- (no CPE)range: < 2.7.73.13-2.19.5
- (no CPE)range: < 2.7.2.13-2.19.5
- (no CPE)range: < 2.7.0.10-2.12.4
- (no CPE)range: < 2.7.46.14-2.25.1
- (no CPE)range: < 2.7.10.7-2.10.4
- (no CPE)range: < 2.7.1.16-2.19.5
- (no CPE)range: < 3.1.14-2.19.5
- (no CPE)range: < 3.1-10.20.7
- (no CPE)range: < 3.1.1-3.3.2
- (no CPE)range: < 3.1.17-2.23.3
- (no CPE)range: < 3.1.17-2.23.2
- (no CPE)range: < 3.1.14-2.23.2
- (no CPE)range: < 3.1.3-3.6.2
Patches
Vulnerability mechanics
References
4- github.com/cobbler/cobbler/issues/1845nvdExploitMitigationThird Party AdvisoryWEB
- github.com/advisories/GHSA-96hw-v598-jvghghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-1000469ghsaADVISORY
- github.com/cobbler/cobbler/commit/4b20397425a5d42a2d8927233654f4d7435bd4c2ghsaWEB
News mentions
0No linked articles in our index yet.