Unrated severityNVD Advisory· Published Oct 18, 2021· Updated Aug 7, 2024
CVE-2010-2496
CVE-2010-2496
Description
stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. This is fixed in cluster-glue 1.0.6 and newer, and pacemaker 1.1.3 and newer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- pacemaker and cluster-glue/stonith-ngdescription
- Range: <1.0.6
- Range: <1.1.3
Patches
Vulnerability mechanics
References
1- bugzilla.suse.com/show_bug.cgimitrex_refsource_MISC
News mentions
0No linked articles in our index yet.