Unrated severityNVD Advisory· Published Sep 6, 2022· Updated Aug 3, 2024
CVE-2022-2735
CVE-2022-2735
Description
A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw allows an attacker to have complete control over the cluster managed by PCS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- PCS/PCSdescription
- osv-coords2 versions
< 0.11.1-10.el9_0.2+ 1 more
- (no CPE)range: < 0.11.1-10.el9_0.2
- (no CPE)range: < 0.11.1-10.el9_0.2
Patches
Vulnerability mechanics
References
4- www.debian.org/security/2022/dsa-5226mitrevendor-advisoryx_refsource_DEBIAN
- access.redhat.com/security/cve/CVE-2022-2735mitrex_refsource_MISC
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- www.openwall.com/lists/oss-security/2022/09/01/4mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.