rpm package
suse/pacemaker&distro=SUSE Linux Enterprise High Availability Extension 12 SP1
pkg:rpm/suse/pacemaker&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-7035 | Hig | 8.8 | < 1.1.13-20.1 | 1.1.13-20.1 | Sep 10, 2018 | An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and | |
| CVE-2016-7797 | Hig | 7.5 | < 1.1.13-20.1 | 1.1.13-20.1 | Mar 24, 2017 | Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. |
- affected < 1.1.13-20.1fixed 1.1.13-20.1
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and
- affected < 1.1.13-20.1fixed 1.1.13-20.1
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.