How severe is CVE-2018-14649?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2018-14649?

This is classified as CWE-77, which is a common weakness in software security.

CVE-2018-14649 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

It was found that ceph-isci-cli package as shipped by Red Hat Ceph Storage 2 and 3 is using python-werkzeug in debug shell mode. This is done by setting debug=True in file /usr/bin/rbd-target-api provided by ceph-isci-cli package. This allows unauthenticated attackers to access this debug shell and escalate privileges. Once an attacker has successfully connected to this debug shell they will be able to execute arbitrary commands remotely. These commands will run with the same privileges as of user executing the application which is using python-werkzeug with debug shell mode enabled. In - Red Hat Ceph Storage 2 and 3, ceph-isci-cli package runs python-werkzeug library with root level permissions.

Related Vulnerabilities

CVE-2005-2773

CRITICAL

CVSS:9.8(Critical)

HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3)...

CWE-772005

CVE-2007-3010

CRITICAL

CVSS:9.8(Critical)

masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user...

CWE-772007

CVE-2008-7313

CRITICAL

CVSS:9.8(Critical)

The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796.

CWE-772008

CVE-2008-7315

CRITICAL

CVSS:9.8(Critical)

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands.

CWE-772008

CVE-2008-7319

CRITICAL

CVSS:9.8(Critical)

The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments (e.g., invalid hostnames) containing shell metacharacters before use of backticks in External.pm, allowing ...

CWE-772008

CVE-2009-5156

CRITICAL

CVSS:9.8(Critical)

An issue was discovered on ASMAX AR-804gu 66.34.1 devices. There is Command Injection via the cgi-bin/script query string.

CWE-772009