Arbitrary File Creation and Code Execution Vulnerability in GlusterFS Server

Arbitrary File Creation and Code Execution Vulnerability in GlusterFS Server

CVE-2018-10929 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes.

Learn more about our Cis Benchmark Audit For Server Software.