VYPR

HA Web Konsole

by Clusterlabs

CVEs (1)

  • CVE-2021-3020HigAug 26, 2022
    risk 0.00cvss 8.8epss 0.01

    An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to…