High severity8.0NVD Advisory· Published Apr 25, 2018· Updated Jun 17, 2026
CVE-2018-1112
CVE-2018-1112
Description
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- unspecified/glusterfsv5Range: glusterfs 3.10.12
Patches
Vulnerability mechanics
References
6- access.redhat.com/articles/3422521nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:1268nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:1269nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- review.gluster.orgnvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.htmlnvd
News mentions
0No linked articles in our index yet.