VYPR

Enterprise Linux Resilient Storage

by Red Hat

CVEs (3)

  • CVE-2016-7797HigMar 24, 2017
    risk 0.49cvss 7.5epss 0.03

    Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

  • CVE-2015-1867Aug 12, 2015
    risk 0.00cvss epss 0.03

    Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command.

  • CVE-2015-1848May 14, 2015
    risk 0.00cvss epss 0.02

    The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. NOTE: this issue was SPLIT per ADT2 due to…