
Cross-Site Request Forgery (CSRF) can run untrusted code on Rundeck server

Moderate
fdevans published GHSA-3jmw-c69h-426c Aug 28, 2021

Package

rundeck.war (Maven)

Affected versions

< 3.4.3, < 3.3.14

Patched versions

3.4.3, 3.3.14
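The affected-version notation above ("< 3.4.3, < 3.3.14") describes two release lines, so a naive "less than 3.4.3" comparison would wrongly flag the patched 3.3.14 as vulnerable. The following check is an added example, not part of this advisory or of Rundeck: it reads the advisory's ranges as "any 3.4.x before 3.4.3, and anything before 3.3.14", which is this example's interpretation. The sample version strings in the demo are constructed.

```python
"""Check Rundeck version strings against the ranges in GHSA-3jmw-c69h-426c.

Added example; not code from the advisory or from the Rundeck project.
Interpretation of the advisory's ranges (an assumption of this example):
  - 3.4.x is affected when x < 3   (patched in 3.4.3)
  - anything below 3.3.14 is affected (patched in 3.3.14)
"""
import re

# Boundaries taken from the advisory's "Patched versions" field.
FIXED_3_3 = (3, 3, 14)
FIXED_3_4 = (3, 4, 3)

# Rundeck tags look like "3.4.2" or "3.4.2-20210714"; keep the numeric triple.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:[-+.].*)?")


def parse_version(text):
    """Return (major, minor, patch) for a Rundeck version string."""
    m = _VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised Rundeck version: {text!r}")
    return tuple(int(part) for part in m.groups())


def is_affected(text):
    """True if the version falls inside the advisory's affected ranges."""
    v = parse_version(text)
    if (3, 4, 0) <= v < FIXED_3_4:
        return True
    return v < FIXED_3_3


def find_affected(versions):
    """Filter a list of version strings down to the affected ones."""
    return [v for v in versions if is_affected(v)]


if __name__ == "__main__":
    # Constructed sample inventory, e.g. from a fleet of Rundeck hosts.
    inventory = ["3.3.13", "3.3.14", "3.4.2-20210714", "3.4.3", "3.2.9", "3.5.0"]
    for version in inventory:
        print(f"{version:16} {'AFFECTED' if is_affected(version) else 'ok'}")
```

Run it directly to print a per-host verdict, or import `find_affected` into a fleet-inventory script. The parser keeps only the numeric triple, so build-date suffixes on Rundeck tags do not disturb the comparison.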

Description

Impact

A CSRF attack against a user who holds admin access to the system resource type can cause the Rundeck server to run untrusted code. All Rundeck editions are affected.

Patches

Available in Rundeck 3.4.3 and 3.3.14

Workarounds

Please visit https://rundeck.com/security for information about specific workarounds.

For more information

If you have any questions or comments about this advisory, or need to report a security issue to Rundeck, please use the form at https://rundeck.com/security

Severity

Moderate

CVE ID

CVE-2021-39133

Weaknesses