Download
| Alert*
|
oval:org.secpod.oval:def:204823
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix: * pcs: Privilege escalation via authorized user malicious REST call * pcs: Debug parameter removal bypass, allowing information disclosure * rack-protection: Timing attack in authen ... oval:org.secpod.oval:def:1700028 Debug parameter removal bypass, allowing information disclosureIt was found that the REST interface of the pcsd service did not properly remove the pcs debug argument from the /run_pcs query, possibly disclosing sensitive information. A remote attacker with a valid token could use this flaw to eleva ... oval:org.secpod.oval:def:1502193 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114290 pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters. oval:org.secpod.oval:def:114288 pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters. |
