Vulnerabilities > Redhat > Gluster Storage > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-04-12 CVE-2015-1777 Improper Certificate Validation vulnerability in Redhat Rhn-Client-Tools
rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Gluster Storage 2.1 and Enterprise Linux (RHEL) 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle attack.
network
redhat CWE-295
4.3
2017-11-08 CVE-2017-15085 Man-in-the-Middle vulnerability in Redhat Gluster Storage 3.3
It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.
network
high complexity
redhat CWE-300
5.9
2015-11-25 CVE-2015-5242 Code Injection vulnerability in Redhat Gluster Storage 3.1
OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python module when loading metadata, which allows remote authenticated users to execute arbitrary code via a crafted extended attribute (xattrs).
network
redhat CWE-94
6.0