Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-3983HistoryMay 14, 2015 - 2:59 p.m.
CVE-2015-3983
2015-05-1414:59:12
Debian Security Bug Tracker
security-tracker.debian.org
11
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.026 Low
EPSS
Percentile
90.3%
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. NOTE: this issue was SPLIT from CVE-2015-1848 per ADT2 due to different vulnerability types.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | pcs | < 0.11.5-1+deb12u1 | pcs_0.11.5-1+deb12u1_all.deb |
| Debian | 11 | all | pcs | < 0.10.8-1+deb11u1 | pcs_0.10.8-1+deb11u1_all.deb |
| Debian | 999 | all | pcs | < 0.11.7-1 | pcs_0.11.7-1_all.deb |
| Debian | 13 | all | pcs | < 0.11.7-1 | pcs_0.11.7-1_all.deb |
Related
nessus
nessus
CentOS 6 : pcs (CESA-2015:0990)
2015-05-13 00:00:00
Fedora 21 : pcs-0.9.137-4.fc21 (2015-8788)
2015-06-05 00:00:00
RHEL 7 : pcs (RHSA-2015:0980)
2015-05-13 00:00:00
openvas
openvas
Fedora Update for pcs FEDORA-2015-8788
2015-06-09 00:00:00
Fedora Update for pcs FEDORA-2015-8765
2015-07-07 00:00:00
Fedora Update for pcs FEDORA-2015-8761
2015-06-09 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: pcs-0.9.139-4.fc22
2015-06-04 20:18:02
[SECURITY] Fedora 21 Update: pcs-0.9.137-4.fc21
2015-06-04 20:16:31
[SECURITY] Fedora 20 Update: pcs-0.9.115-3.fc20
2015-06-04 20:11:38
veracode
veracode
SSL Cookie Without Secure Flag
2019-01-15 09:05:55
Information Disclosure
2019-05-02 05:39:10
cve
cve
CVE-2015-1848
2015-05-14 14:59:07
CVE-2015-3983
2015-05-14 14:59:12
redhat
redhat
(RHSA-2015:0980) Important: pcs security and bug fix update
2015-05-12 00:00:00
(RHSA-2015:0990) Important: pcs security and bug fix update
2015-05-12 00:00:00
cvelist
cvelist
CVE-2015-1848
2015-05-14 14:00:00
CVE-2015-3983
2015-05-14 14:00:00
nvd
nvd
CVE-2015-3983
2015-05-14 14:59:12
CVE-2015-1848
2015-05-14 14:59:07
prion
prion
Design/Logic Flaw
2015-05-14 14:59:00
Design/Logic Flaw
2015-05-14 14:59:00
debiancve
debiancve
CVE-2015-1848
2015-05-14 14:59:07
centos
centos
pcs, python security update
2015-05-13 00:53:35
pcs security update
2015-05-12 20:48:49
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.026 Low
EPSS
Percentile
90.3%
Related for DEBIANCVE:CVE-2015-3983