It was found that in cobbler's XMLRPC API there are many places where the user-supplied security token is not correctly validated, effectively resulting in an authentication bypass. Upstream issue: https://github.com/cobbler/cobbler/issues/1916 References: https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/
Created cobbler tracking bugs for this issue: Affects: epel-all [bug 1613293] Affects: fedora-all [bug 1613292]
Statement: The most sensitive function not requiring a valid token is modify_settings(), which is not part of cobbler-2.0.7, the version shipped in Red Hat Enterprise Satellite 5. As such, the flaw is considered to have a Medium severity rating on cobbler versions as shipped in Red Hat Enterprise Satellite 5. A future update may address this issue.
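An added example, not code from the page or from the cobbler project, of the mitigation pattern for this class of flaw: one token check at the XML-RPC dispatch layer covering every method instead of a per-method check that is easy to omit, plus a small audit helper that flags any method still callable with a bogus token. The method names, the token-as-last-argument convention and the credentials are assumptions for the example.

```python
"""Dispatcher-level token validation for an XML-RPC API (hypothetical names)."""
import secrets
from xmlrpc.client import Fault
from xmlrpc.server import SimpleXMLRPCDispatcher


class TokenCheckedDispatcher(SimpleXMLRPCDispatcher):
    """Validate the caller's token once, in _dispatch, for every non-public method."""

    PUBLIC = {"login", "version"}  # assumed: methods that legitimately take no token

    def __init__(self):
        super().__init__(allow_none=True)
        self._tokens = {}  # token -> user name
        self.register_function(self.login, "login")
        self.register_function(self.modify_settings, "modify_settings")
        self.register_function(self.version, "version")

    def login(self, user, password):
        # Constructed credential check; a real server verifies against its user store.
        if (user, password) != ("admin", "s3cret"):
            raise Fault(1, "bad credentials")
        token = secrets.token_hex(16)
        self._tokens[token] = user
        return token

    def _dispatch(self, method, params):
        # Assumed convention: the token is the last positional argument.
        if method not in self.PUBLIC:
            token = params[-1] if params else None
            if not isinstance(token, str) or token not in self._tokens:
                raise Fault(2, f"{method}: missing or invalid token")
        return super()._dispatch(method, params)

    def modify_settings(self, name, value, token):
        return f"{self._tokens[token]} set {name}={value}"

    def version(self):
        return "0.0-example"


def audit(dispatcher, calls):
    """Return the names of token-taking methods that accept a bogus token (should be empty)."""
    leaky = []
    for name, args in calls:
        try:
            dispatcher._dispatch(name, args + ("not-a-real-token",))
            leaky.append(name)
        except Fault:
            pass
    return leaky
```

The audit helper is the check to run against each exposed method after a fix: any name it returns is a method that still skips validation.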