Lucene search

[email protected]NVD:CVE-2018-16878

HistoryApr 18, 2019 - 6:29 p.m.

CVE-2018-16878

2019-04-1818:29:00

CWE-400

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.3%

JSON

A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS

Affected configurations

NVD

Node

clusterlabspacemakerRange≤2.0.1

Node

canonicalubuntu_linuxMatch16.04lts

canonicalubuntu_linuxMatch18.04lts

canonicalubuntu_linuxMatch18.10

canonicalubuntu_linuxMatch19.04

Node

fedoraprojectfedoraMatch28

fedoraprojectfedoraMatch29

fedoraprojectfedoraMatch30

Node

debiandebian_linuxMatch9.0

Node

opensuseleapMatch15.0

opensuseleapMatch42.3

Node

redhatenterprise_linuxMatch8.0

redhatenterprise_linux_ausMatch8.2

redhatenterprise_linux_ausMatch8.4

redhatenterprise_linux_ausMatch8.6

redhatenterprise_linux_eusMatch8.1

redhatenterprise_linux_eusMatch8.2

redhatenterprise_linux_eusMatch8.4

redhatenterprise_linux_eusMatch8.6

redhatenterprise_linux_tusMatch8.2

redhatenterprise_linux_tusMatch8.4

redhatenterprise_linux_tusMatch8.6

References

lists.opensuse.org/opensuse-security-announce/2019-05/msg00012.html

lists.opensuse.org/opensuse-security-announce/2019-05/msg00034.html

www.securityfocus.com/bid/108039

access.redhat.com/errata/RHSA-2019:1278

access.redhat.com/errata/RHSA-2019:1279

bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16878

github.com/ClusterLabs/pacemaker/pull/1749

lists.debian.org/debian-lts-announce/2021/01/msg00007.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HR6QUYGML735EI3HEEHYRDW7EG73BUH2/

security.gentoo.org/glsa/202309-09

usn.ubuntu.com/3952-1/

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.3%

JSON

Related for NVD:CVE-2018-16878

ubuntucve1 cve1 debiancve1 osv2 redhatcve1 prion1 veracode1 cvelist1 nessus18 openvas7 suse2 fedora3 ibm3 oraclelinux1 ubuntu1 redhat2 amazon1 mageia1 debian1 gentoo1