Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Pacemaker
(Clusterlabs)| Repositories | https://github.com/ClusterLabs/pacemaker |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-09-10 | CVE-2016-7035 | An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. | Pacemaker, Enterprise_linux_server, Enterprise_linux_server_eus | 7.8 | ||
| 2019-04-18 | CVE-2018-16877 | A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation. | Ubuntu_linux, Pacemaker, Debian_linux, Fedora, Leap, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus | 7.8 |