Описание
stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. This is fixed in cluster-glue 1.0.6 and newer, and pacemaker 1.1.3 and newer.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 1.0.12-7build1 |
| devel | not-affected | |
| esm-infra-legacy/trusty | not-affected | |
| esm-infra/bionic | not-affected | 1.0.12-7build1 |
| esm-infra/focal | not-affected | |
| esm-infra/xenial | not-affected | |
| focal | not-affected | |
| groovy | not-affected | |
| hirsute | not-affected | |
| impish | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 1.1.18-0ubuntu1.3 |
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 1.1.18-0ubuntu1.3 |
| esm-infra/focal | not-affected | |
| esm-infra/xenial | not-affected | 1.1.14-2ubuntu1 |
| focal | not-affected | |
| groovy | not-affected | |
| hirsute | not-affected | |
| impish | not-affected |
Показывать по
Ссылки на источники
EPSS
2.1 Low
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. This is fixed in cluster-glue 1.0.6 and newer, and pacemaker 1.1.3 and newer.
stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. This is fixed in cluster-glue 1.0.6 and newer, and pacemaker 1.1.3 and newer.
stonith-ng in pacemaker and cluster-glue passed passwords as commandli ...
stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. This is fixed in cluster-glue 1.0.6 and newer, and pacemaker 1.1.3 and newer.
EPSS
2.1 Low
CVSS2
5.5 Medium
CVSS3