It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
Cobbler
Satellite
NVD
CVSS 3.0
9.8
EPSS
67.9%