Описание
A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.1.18-0ubuntu1.1 |
| cosmic | released | 1.1.18-2ubuntu1.18.10.1 |
| devel | released | 2.0.1-4ubuntu1 |
| disco | released | 1.1.18-2ubuntu1.19.04.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| esm-infra/bionic | released | 1.1.18-0ubuntu1.1 |
| esm-infra/xenial | released | 1.1.14-2ubuntu1.6 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was needed |
Показывать по
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.
A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.
A flaw was found in the way pacemaker's client-server authentication w ...
A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.
Уязвимость программного средства управления ресурсами кластера Pacemaker операционных систем Ubuntu, Fedora, OpenSUSE Leap, Enterprise Linux и Oracle Linux, позволяющая нарушителю повысить свои привилегии
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3