CVE-2021-45083

Advisory

Cobbler 3.3.1 includes a fix for CVE-2021-45083: Files in /etc/cobbler are world readable. Two of those files contain some sensitive information that can be exposed to a local user who has non-privileged access to the server. The users.digest file contains the sha2-512 digest of users in a Cobbler local installation. In the case of an easy-to-guess password, it's trivial to obtain the plaintext string. The settings.yaml file contains secrets such as the hashed default password.

Affected package

Affected versions

Fixed versions

Vulnerability changelog

An issue was discovered in Cobbler through 3.3.0. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.) See CVE-2021-45082.


MISC:https://bugzilla.suse.com/show_bug.cgi?id=1193678: https://bugzilla.suse.com/show_bug.cgi?id=1193678
MISC:https://github.com/cobbler/cobbler/releases: https://github.com/cobbler/cobbler/releases

Resources

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45083
• https://github.com/cobbler/cobbler/releases
• https://www.openwall.com/lists/oss-security/2022/02/18/3
• https://bugzilla.suse.com/show_bug.cgi?id=1193671
• https://lists.fedoraproject.org/archives/list/[email protected]/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW/
• https://lists.fedoraproject.org/archives/list/[email protected]/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR/
• https://lists.fedoraproject.org/archives/list/[email protected]/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE/