4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
5.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.6%
CentOS Errata and Security Advisory CESA-2019:2037
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster.
Security Fix(es):
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2019-August/032136.html
Affected packages:
fence-agents-aliyun
fence-agents-all
fence-agents-amt-ws
fence-agents-apc
fence-agents-apc-snmp
fence-agents-aws
fence-agents-azure-arm
fence-agents-bladecenter
fence-agents-brocade
fence-agents-cisco-mds
fence-agents-cisco-ucs
fence-agents-common
fence-agents-compute
fence-agents-drac5
fence-agents-eaton-snmp
fence-agents-emerson
fence-agents-eps
fence-agents-gce
fence-agents-heuristics-ping
fence-agents-hpblade
fence-agents-ibmblade
fence-agents-ifmib
fence-agents-ilo-moonshot
fence-agents-ilo-mp
fence-agents-ilo-ssh
fence-agents-ilo2
fence-agents-intelmodular
fence-agents-ipdu
fence-agents-ipmilan
fence-agents-kdump
fence-agents-mpath
fence-agents-redfish
fence-agents-rhevm
fence-agents-rsa
fence-agents-rsb
fence-agents-sbd
fence-agents-scsi
fence-agents-virsh
fence-agents-vmware-rest
fence-agents-vmware-soap
fence-agents-wti
Upstream details at:
https://access.redhat.com/errata/RHSA-2019:2037
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
5.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.6%