DEBIAN-CVE-2018-10841

DEBIAN-CVE-2018-10841 PUBLISHED CVSS 8.800000190734863 HIGH

glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes.

Risk Scores

CVSS 3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Debian:12	glusterfs	0, 0, 0
Debian:14	glusterfs	0, 0, 0
Debian:11	glusterfs	0, 0, 0
Debian:13	glusterfs	0, 0, 0

Timeline

Jun 20, 2018 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2018-10841 advisory

Open in Interactive Console →