CVE-2016-9605

描述

A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation.

受影響套件(1)

• PyPI/cobblerfrom 0, <= 2.6.11-1

CVSS 分數

參考連結(3)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2016-9605
• PATCHhttps://github.com/cobbler/cobbler
• WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9605