CVE-2018-10866

CVE-2018-10866

Vendor N/A
Product redhat-certification
Weakness CWE-862 · Missing authorization
Published May 26, 2021
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

It was discovered that the /configuration view of redhat-certification 7 does not perform an authorization check and it allows an unauthenticated user to remove a "system" file, that is an xml file with host related information, not belonging to him.

Key dates

02Disclosure timeline

May 26, 2021 CVE published
August 5, 2024 Record updated

Related vulnerabilities

04Related CVE