CVE-2009-5021

Published: Dec 9, 2010Modified: Apr 29, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Cobbler before 1.6.1 does not properly determine whether an installation has the default password, which makes it easier for attackers to obtain access by using this password.

Affected (59)

Products: Michael Dehaan: Cobbler

Michael Dehaan

1 product

Cobbler

Configuration A

59 vulnerable

Vulnerable Software	Affected Versions
Michael Dehaan Cobbler	Up to 1.4.3-4
Michael Dehaan Cobbler	Version 0.1.1.7
Michael Dehaan Cobbler	Version 0.2.1
Michael Dehaan Cobbler	Version 0.2.2
Michael Dehaan Cobbler	Version 0.2.3
Michael Dehaan Cobbler	Version 0.2.5
Michael Dehaan Cobbler	Version 0.2.7
Michael Dehaan Cobbler	Version 0.2.8
Michael Dehaan Cobbler	Version 0.2.9
Michael Dehaan Cobbler	Version 0.3.0
Michael Dehaan Cobbler	Version 0.3.1
Michael Dehaan Cobbler	Version 0.3.3
Michael Dehaan Cobbler	Version 0.3.4
Michael Dehaan Cobbler	Version 0.3.5
Michael Dehaan Cobbler	Version 0.3.6
Michael Dehaan Cobbler	Version 0.3.7
Michael Dehaan Cobbler	Version 0.3.9
Michael Dehaan Cobbler	Version 0.4.0
Michael Dehaan Cobbler	Version 0.4.2
Michael Dehaan Cobbler	Version 0.4.3
Michael Dehaan Cobbler	Version 0.4.5
Michael Dehaan Cobbler	Version 0.4.6
Michael Dehaan Cobbler	Version 0.4.7
Michael Dehaan Cobbler	Version 0.4.8
Michael Dehaan Cobbler	Version 0.5.0
Michael Dehaan Cobbler	Version 0.6.0
Michael Dehaan Cobbler	Version 0.6.1
Michael Dehaan Cobbler	Version 0.6.3
Michael Dehaan Cobbler	Version 0.6.4
Michael Dehaan Cobbler	Version 0.6.5
Michael Dehaan Cobbler	Version 0.8.1
Michael Dehaan Cobbler	Version 0.8.3
Michael Dehaan Cobbler	Version 1.0.0
Michael Dehaan Cobbler	Version 1.0.2-1
Michael Dehaan Cobbler	Version 1.0.2
Michael Dehaan Cobbler	Version 1.0.3-1
Michael Dehaan Cobbler	Version 1.2.0
Michael Dehaan Cobbler	Version 1.2.2
Michael Dehaan Cobbler	Version 1.2.3
Michael Dehaan Cobbler	Version 1.2.5
Michael Dehaan Cobbler	Version 1.2.6
Michael Dehaan Cobbler	Version 1.2.7
Michael Dehaan Cobbler	Version 1.2.8-1
Michael Dehaan Cobbler	Version 1.2.8
Michael Dehaan Cobbler	Version 1.2.9-1
Michael Dehaan Cobbler	Version 1.2.9
Michael Dehaan Cobbler	Version 1.3.1-1
Michael Dehaan Cobbler	Version 1.3.1
Michael Dehaan Cobbler	Version 1.3.3-1
Michael Dehaan Cobbler	Version 1.3.3
Michael Dehaan Cobbler	Version 1.3.4-1
Michael Dehaan Cobbler	Version 1.3.4
Michael Dehaan Cobbler	Version 1.4.0-2
Michael Dehaan Cobbler	Version 1.4.0
Michael Dehaan Cobbler	Version 1.4.1-1
Michael Dehaan Cobbler	Version 1.4.1
Michael Dehaan Cobbler	Version 1.4.2-1
Michael Dehaan Cobbler	Version 1.4.2
Michael Dehaan Cobbler	Version 1.4.3

Related CWEs

CWE-255

References (4)

http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/64734

Source: cve@mitre.org

http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/64734

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.