CVE-2018-10866 is a vulnerability in Red Hat Certification
Published on May 26, 2021
It was discovered that the /configuration view of redhat-certification 7 does not perform an authorization check and it allows an unauthenticated user to remove a "system" file, that is an xml file with host related information, not belonging to him.
Weakness Type
What is an AuthZ Vulnerability?
The software does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2018-10866 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2018-10866
Want to know whenever a new CVE is published for Red Hat Certification? stack.watch will email you.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.