Moderate severityNVD Advisory· Published Mar 11, 2022· Updated Aug 2, 2024
Improper Authorization in cobbler/cobbler
CVE-2022-0860
Description
Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
cobblerPyPI | < 3.3.2 | 3.3.2 |
Affected products
85- ghsa-coords84 versionspkg:pypi/cobblerpkg:rpm/opensuse/cobbler&distro=openSUSE%20Tumbleweedpkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/drools&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/drools&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/grafana-formula&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/image-sync-formula&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/inter-server-sync&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/inter-server-sync&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/locale-formula&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/mgr-daemon&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/mgr-osad&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/mgr-osad&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/prometheus-formula&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/py27-compat-salt&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/python-magic&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/python-schema&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/python-urlgrabber&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/release-notes-susemanager&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.3pkg:rpm/suse/reprepro&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/saltboot-formula&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/saltboot-formula&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/salt-netapi-client&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/smdba&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-admin&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-admin&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-proxy&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/spacewalk-proxy-installer&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/spacewalk-search&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-search&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-setup&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/subscription-matcher&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/supportutils-plugin-susemanager&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-build-keys&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/susemanager-build-keys&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/susemanager-build-keys&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-build-keys&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager-doc-indexes&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager-sync-data&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager-tftpsync&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager-tftpsync-recv&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/uyuni-reportdb-schema&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/virtual-host-gatherer&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/woodstox&distro=SUSE%20Manager%20Server%20Module%204.2
< 3.3.2+ 83 more
- (no CPE)range: < 3.3.2
- (no CPE)range: < 3.3.2.0+git.9044aa99-1.1
- (no CPE)range: < 3.1.2-150300.5.19.1
- (no CPE)range: < 3.3.3-150400.5.7.1
- (no CPE)range: < 7.17.0-150300.4.9.2
- (no CPE)range: < 7.17.0-150400.3.6.1
- (no CPE)range: < 0.8.1-150300.3.9.2
- (no CPE)range: < 0.1.1661440542.6cbe0da-150400.3.6.1
- (no CPE)range: < 0.2.7-150300.8.28.2
- (no CPE)range: < 0.2.3-150400.3.6.1
- (no CPE)range: < 0.3-150400.3.3.1
- (no CPE)range: < 4.3.6-150400.3.6.4
- (no CPE)range: < 4.2.9-150300.2.12.2
- (no CPE)range: < 4.2.9-150300.2.12.2
- (no CPE)range: < 0.7.0-150300.3.17.2
- (no CPE)range: < 3000.3-150300.7.7.29.2
- (no CPE)range: < 5.32-150000.7.16.1
- (no CPE)range: < 0.6.7-150400.10.3.1
- (no CPE)range: < 4.1.0-150400.3.6.1
- (no CPE)range: < 4.3.2-150400.3.15.1
- (no CPE)range: < 4.3.2-150400.3.9.3
- (no CPE)range: < 4.3.2-150400.3.9.3
- (no CPE)range: < 5.4.0-150400.3.6.1
- (no CPE)range: < 4.2.7-150300.4.12.2
- (no CPE)range: < 4.2.7-150300.4.12.2
- (no CPE)range: < 0.1.1676908681.e90e0b1-150300.3.15.1
- (no CPE)range: < 0.1.1661440542.6cbe0da-150400.3.3.1
- (no CPE)range: < 0.21.0-150300.3.12.4
- (no CPE)range: < 1.7.11-0.150300.3.12.2
- (no CPE)range: < 4.2.21-150300.4.33.2
- (no CPE)range: < 4.3.15-150400.3.6.4
- (no CPE)range: < 4.2.21-150300.4.33.2
- (no CPE)range: < 4.3.15-150400.3.6.4
- (no CPE)range: < 4.2.13-150300.3.18.1
- (no CPE)range: < 4.3.10-150400.3.3.2
- (no CPE)range: < 4.2.26-150300.4.35.6
- (no CPE)range: < 4.3.16-150400.3.6.8
- (no CPE)range: < 4.2.26-150300.4.35.6
- (no CPE)range: < 4.3.16-150400.3.6.8
- (no CPE)range: < 4.2.19-150300.3.27.4
- (no CPE)range: < 4.3.15-150400.3.6.2
- (no CPE)range: < 4.2.19-150300.3.27.4
- (no CPE)range: < 4.3.15-150400.3.6.2
- (no CPE)range: < 4.2.22-150300.4.30.2
- (no CPE)range: < 4.3.12-150400.3.6.6
- (no CPE)range: < 4.2.22-150300.4.30.2
- (no CPE)range: < 4.3.12-150400.3.6.6
- (no CPE)range: < 4.2.47-150300.3.58.1
- (no CPE)range: < 4.3.38-150400.3.8.3
- (no CPE)range: < 4.2.13-150300.3.24.2
- (no CPE)range: < 4.2.11-150300.3.14.2
- (no CPE)range: < 4.2.9-150300.3.15.2
- (no CPE)range: < 4.3.7-150400.3.6.2
- (no CPE)range: < 4.3.12-150400.3.8.1
- (no CPE)range: < 4.3.14-150400.3.6.3
- (no CPE)range: < 4.2.32-150300.3.36.4
- (no CPE)range: < 4.3.24-150400.3.6.4
- (no CPE)range: < 4.2.32-150300.3.36.4
- (no CPE)range: < 4.3.24-150400.3.6.4
- (no CPE)range: < 0.29-150400.3.7.1
- (no CPE)range: < 4.2.5-150300.3.9.2
- (no CPE)range: < 15.3.6-150300.3.6.2
- (no CPE)range: < 15.4.3-150400.3.6.1
- (no CPE)range: < 15.3.6-150300.3.6.2
- (no CPE)range: < 15.4.3-150400.3.6.1
- (no CPE)range: < 4.2.40-150300.3.49.1
- (no CPE)range: < 4.3.19-150400.3.6.4
- (no CPE)range: < 4.2-150300.12.39.4
- (no CPE)range: < 4.2-150300.12.39.2
- (no CPE)range: < 4.3-150400.9.6.1
- (no CPE)range: < 4.2.27-150300.3.35.1
- (no CPE)range: < 4.3.14-150400.3.6.5
- (no CPE)range: < 4.2.31-150300.3.43.1
- (no CPE)range: < 4.3.25-150400.3.6.4
- (no CPE)range: < 4.3.9-150400.3.3.1
- (no CPE)range: < 4.3.2-150400.3.3.4
- (no CPE)range: < 4.3.7-150400.3.3.3
- (no CPE)range: < 4.2.9-150300.3.14.1
- (no CPE)range: < 4.3.6-150400.3.6.4
- (no CPE)range: < 4.2.9-150300.3.14.1
- (no CPE)range: < 4.3.6-150400.3.6.4
- (no CPE)range: < 4.3.6-150400.3.3.6
- (no CPE)range: < 1.0.24-150300.3.9.2
- (no CPE)range: < 4.4.2-150300.3.6.2
- Range: unspecified
Patches
Vulnerability mechanics
References
12- github.com/advisories/GHSA-mcg6-h362-cmq5ghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/mitrevendor-advisoryx_refsource_FEDORA
- nvd.nist.gov/vuln/detail/CVE-2022-0860ghsaADVISORY
- github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfaghsax_refsource_MISCWEB
- github.com/cobbler/cobbler/security/advisories/GHSA-mcg6-h362-cmq5ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/cobbler/PYSEC-2022-177.yamlghsaWEB
- huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1dghsax_refsource_CONFIRMWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMGghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKYghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XMghsaWEB
News mentions
0No linked articles in our index yet.