CVE-2016-7797

Опубликовано: 24 мар. 2017

Источник: debian

EPSS Низкий

Описание

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
pacemaker	fixed	1.1.15~rc3-1		package
pacemaker	not-affected		wheezy	package

Примечания

http://bugs.clusterlabs.org/show_bug.cgi?id=5269
Fixed by: https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410 (Pacemaker-1.1.15-rc1)
Vulnerable code introduced in: https://github.com/ClusterLabs/pacemaker/commit/87f40917feb5109f827d83765c924acbbd824379 (Pacemaker-1.1.12-rc1)

EPSS

Процентиль: 85%

0.02415

Низкий

Связанные уязвимости

CVE-2016-7797

CVSS3: 7.5

ubuntu

почти 9 лет назад

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

CVE-2016-7797

CVSS3: 8.6

redhat

почти 10 лет назад

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

CVE-2016-7797

CVSS3: 7.5

nvd

почти 9 лет назад

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

GHSA-gp6f-9wm3-5hr4

CVSS3: 7.5

github

больше 3 лет назад

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

openSUSE-SU-2016:3101-1

suse-cvrf

около 9 лет назад

Security update for pacemaker

EPSS

Процентиль: 85%

0.02415

Низкий