{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-27T01:02:44.228","vulnerabilities":[{"cve":{"id":"CVE-2024-47533","sourceIdentifier":"security-advisories@github.com","published":"2024-11-18T17:15:11.563","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and 3.3.7. `utils.get_shared_secret()` always returns `-1`, which allows anyone to connect to cobbler XML-RPC as user `''` password `-1` and make any changes. This gives anyone with network access to a cobbler server full control of the server. Versions 3.2.3 and 3.3.7 fix the issue."},{"lang":"es","value":"Cobbler, un servidor de instalación de Linux que permite la configuración rápida de entornos de instalación de red, tiene una vulnerabilidad de autenticación incorrecta a partir de la versión 3.0.0 y anteriores a las versiones 3.2.3 y 3.3.7. `utils.get_shared_secret()` siempre devuelve `-1`, lo que permite que cualquiera se conecte a Cobbler XML-RPC como usuario `''` contraseña `-1` y realice cualquier cambio. Esto le da a cualquier persona con acceso de red a un servidor Cobbler control total del servidor. Las versiones 3.2.3 y 3.3.7 solucionan el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"references":[{"url":"https://github.com/cobbler/cobbler/commit/32c5cada013dc8daa7320a8eda9932c2814742b0","source":"security-advisories@github.com"},{"url":"https://github.com/cobbler/cobbler/commit/e19717623c10b29e7466ed4ab23515a94beb2dda","source":"security-advisories@github.com"},{"url":"https://github.com/cobbler/cobbler/security/advisories/GHSA-m26c-fcgh-cp6h","source":"security-advisories@github.com"}]}}]}