CVE-2018-1112 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-1112 Interim 1 6 2021-10-22T00:54:17Z current 2021-05-30T14:06:53Z 2021-10-22T00:54:17Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-1112 glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html E-Mail link for openSUSE-SU-2020:0079-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 15.1 glusterfs-3.12.15-lp151.3.3.1 glusterfs-devel-3.12.15-lp151.3.3.1 libgfapi0-3.12.15-lp151.3.3.1 libgfchangelog0-3.12.15-lp151.3.3.1 libgfdb0-3.12.15-lp151.3.3.1 libgfrpc0-3.12.15-lp151.3.3.1 libgfxdr0-3.12.15-lp151.3.3.1 libglusterfs0-3.12.15-lp151.3.3.1 python-gluster-3.12.15-lp151.3.3.1 glusterfs-3.12.15-lp151.3.3.1 as a component of openSUSE Leap 15.1 glusterfs-devel-3.12.15-lp151.3.3.1 as a component of openSUSE Leap 15.1 libgfapi0-3.12.15-lp151.3.3.1 as a component of openSUSE Leap 15.1 libgfchangelog0-3.12.15-lp151.3.3.1 as a component of openSUSE Leap 15.1 libgfdb0-3.12.15-lp151.3.3.1 as a component of openSUSE Leap 15.1 libgfrpc0-3.12.15-lp151.3.3.1 as a component of openSUSE Leap 15.1 libgfxdr0-3.12.15-lp151.3.3.1 as a component of openSUSE Leap 15.1 libglusterfs0-3.12.15-lp151.3.3.1 as a component of openSUSE Leap 15.1 python-gluster-3.12.15-lp151.3.3.1 as a component of openSUSE Leap 15.1 glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression. CVE-2018-1112 openSUSE Leap 15.1:glusterfs-3.12.15-lp151.3.3.1 openSUSE Leap 15.1:glusterfs-devel-3.12.15-lp151.3.3.1 openSUSE Leap 15.1:libgfapi0-3.12.15-lp151.3.3.1 openSUSE Leap 15.1:libgfchangelog0-3.12.15-lp151.3.3.1 openSUSE Leap 15.1:libgfdb0-3.12.15-lp151.3.3.1 openSUSE Leap 15.1:libgfrpc0-3.12.15-lp151.3.3.1 openSUSE Leap 15.1:libgfxdr0-3.12.15-lp151.3.3.1 openSUSE Leap 15.1:libglusterfs0-3.12.15-lp151.3.3.1 openSUSE Leap 15.1:python-gluster-3.12.15-lp151.3.3.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 8.8 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H