Описание
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 0.11.4-1ubuntu3 |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | released | 0.10.4-3ubuntu0.1~esm1 |
| esm-apps/jammy | released | 0.10.11-2ubuntu3+esm1 |
| esm-apps/xenial | not-affected | code not present |
| focal | ignored | end of standard support, was needed |
| impish | ignored | end of life |
| jammy | needed | |
| kinetic | not-affected | 0.11.3-1ubuntu1 |
Показывать по
EPSS
6.5 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.
A flaw was found in the Pacemaker configuration tool (pcs). The pcs da ...
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.
EPSS
6.5 Medium
CVSS2
8.8 High
CVSS3