High severityNVD Advisory· Published Oct 4, 2021· Updated Aug 4, 2024
CVE-2021-40325
CVE-2021-40325
Description
Cobbler before 3.3.0 allows authorization bypass for modification of settings.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
cobblerPyPI | < 3.3.0 | 3.3.0 |
Affected products
30- Cobbler/Cobblerdescription
- ghsa-coords29 versionspkg:pypi/cobblerpkg:rpm/suse/branch-network-formula&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/cpu-mitigations-formula&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/inter-server-sync&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/openvpn-formula&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/prometheus-exporters-formula&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/py26-compat-salt&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/py27-compat-salt&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/release-notes-susemanager&distro=SUSE%20Manager%20Server%204.2pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.2pkg:rpm/suse/saltboot-formula&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-setup&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-build-keys&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-doc-indexes&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-sync-data&distro=SUSE%20Manager%20Server%20Module%204.2
< 3.3.0+ 28 more
- (no CPE)range: < 3.3.0
- (no CPE)range: < 0.1.1628156312.dbd0dec-3.3.1
- (no CPE)range: < 3.0.0+git20190806.32c4bae0-8.22.6.1
- (no CPE)range: < 3.1.2-5.8.1
- (no CPE)range: < 0.4.0-3.3.1
- (no CPE)range: < 0.0.5-8.3.2
- (no CPE)range: < 0.1.2-3.3.1
- (no CPE)range: < 1.0.3-3.6.1
- (no CPE)range: < 2016.11.10-11.28.6.1
- (no CPE)range: < 3000.3-7.7.8.1
- (no CPE)range: < 4.2.2-3.12.1
- (no CPE)range: < 4.2.2-3.12.1
- (no CPE)range: < 4.2.2-3.12.1
- (no CPE)range: < 0.1.1628156312.dbd0dec-3.3.1
- (no CPE)range: < 4.2.12-4.6.2
- (no CPE)range: < 4.2.16-4.6.3
- (no CPE)range: < 4.2.12-3.6.2
- (no CPE)range: < 4.2.13-4.6.3
- (no CPE)range: < 4.2.28-3.11.5
- (no CPE)range: < 4.2.8-3.6.1
- (no CPE)range: < 4.2.13-3.6.1
- (no CPE)range: < 4.2.21-3.6.3
- (no CPE)range: < 15.3.5-3.3.1
- (no CPE)range: < 4.2.22-3.6.1
- (no CPE)range: < 4.2-12.8.1
- (no CPE)range: < 4.2-12.8.1
- (no CPE)range: < 4.2.17-3.6.2
- (no CPE)range: < 4.2.16-3.6.1
- (no CPE)range: < 4.2.8-3.6.1
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-cr3f-r24j-3chwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-40325ghsaADVISORY
- github.com/cobbler/cobbler/commit/d8f60bbf14a838c8c8a1dba98086b223e35fe70aghsax_refsource_MISCWEB
- github.com/cobbler/cobbler/releases/tag/v3.3.0ghsax_refsource_MISCWEB
- github.com/pypa/advisory-database/tree/main/vulns/cobbler/PYSEC-2021-375.yamlghsaWEB
News mentions
0No linked articles in our index yet.