In Karaf prior to version 4.2.0, arbitrary file read and write, in additional to arbitrary command execution, is possible via the Karaf ssh console, if enabled.
Find out more about CVE-2018-11786 from the MITRE CVE dictionary dictionary and NIST NVD.
Open Daylight: The SSH console is enabled by default, with default credentials, and allows arbitrary file read and write, in addition to arbitrary command execution, in addition to regular Open Daylight Karaf functions.
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
| CVSS3 Base Score | 7.1 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H |
| Attack Vector | Network |
| Attack Complexity | High |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity Impact | High |
| Availability Impact | High |
| Platform | Package | State |
|---|---|---|
| Red Hat OpenStack Platform 9.0 | opendaylight | Affected |
| Red Hat OpenStack Platform 8.0 (Liberty) | opendaylight | Affected |
| Red Hat OpenStack Platform 13.0 (Queens) | opendaylight | Affected |
| Red Hat OpenStack Platform 12.0 | opendaylight | Affected |
| Red Hat OpenStack Platform 10 | opendaylight | Affected |
| Red Hat JBoss Fuse Service Works 6 | karaf | Under investigation |
| Red Hat JBoss Fuse 7 | karaf | Under investigation |
| Red Hat JBoss Fuse 6 | karaf | Under investigation |
| Red Hat JBoss A-MQ 6 | karaf | Under investigation |
Vulmon