Vulnerabilities > Redhat > Gluster Storage > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-12 | CVE-2015-1777 | Improper Certificate Validation vulnerability in Redhat Rhn-Client-Tools rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Gluster Storage 2.1 and Enterprise Linux (RHEL) 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle attack. | 4.3 |
| 2017-11-08 | CVE-2017-15085 | Man-in-the-Middle vulnerability in Redhat Gluster Storage 3.3 It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6. | 5.9 |
| 2015-11-25 | CVE-2015-5242 | Code Injection vulnerability in Redhat Gluster Storage 3.1 OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python module when loading metadata, which allows remote authenticated users to execute arbitrary code via a crafted extended attribute (xattrs). | 6.0 |