Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

SUSE-SU-2021:3151-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2021:3151-1

UNKNOWN

Security update for cobbler

Published Sep 20, 2021

Modified 4 years ago

Fix available

Details

This update for cobbler fixes the following issues:

Security issues fixed:

CVE-2021-40323: Fixed an arbitrary file disclosure/Template Injection (bsc#1189458)
CVE-2021-40324: Fixed an arbitrary file write (bsc#1189458)
CVE-2021-40325: Fixed a problem with the token validation (bsc#1189458)
Please note that with these changes, a valid log data from Anamon (Red Hat Autoinstallation Process) uploaded to cobbler may be rejected

Affected Packages

SUSE:Manager Server Module 4.1cobbler

Fixed in:

3.0.0+git20190806.32c4bae0-8.22.6.1

References

REPORThttps://bugzilla.suse.com/1189458 WEBhttps://www.suse.com/security/cve/CVE-2021-40323 WEBhttps://www.suse.com/security/cve/CVE-2021-40324 WEBhttps://www.suse.com/security/cve/CVE-2021-40325 ADVISORYhttps://www.suse.com/support/update/announcement/2021/suse-su-20213151-1/

Upstream

CVE-2021-40323 CVE-2021-40324 CVE-2021-40325

Related

CVE-2021-40323 CVE-2021-40324 CVE-2021-40325

Ecosystems

SUSE Manager Server Module 4.1

Timeline

PublishedSep 20, 2021

ModifiedSep 20, 2021