Lucene search
PRIOn knowledge basePRION:CVE-2015-3983HistoryMay 14, 2015 - 2:59 p.m.
Design/Logic Flaw
2015-05-1414:59:00
PRIOn knowledge base
www.prio-n.com
2
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. NOTE: this issue was SPLIT from CVE-2015-1848 per ADT2 due to different vulnerability types.
| CPE | Name | Operator | Version |
|---|---|---|---|
| pacemaker_configuration_system | le | 0.9.137 |
References
rhn.redhat.com/errata/RHSA-2015-0980.html
rhn.redhat.com/errata/RHSA-2015-0990.html
www.securityfocus.com/bid/74682
bugzilla.redhat.com/attachment.cgi?id=1009855
lists.fedoraproject.org/pipermail/package-announce/2015-June/159374.html
lists.fedoraproject.org/pipermail/package-announce/2015-June/159401.html
lists.fedoraproject.org/pipermail/package-announce/2015-June/159412.html
Related
cve
cve
CVE-2015-1848
2015-05-14 14:59:07
CVE-2015-3983
2015-05-14 14:59:12
redhat
redhat
(RHSA-2015:0980) Important: pcs security and bug fix update
2015-05-12 00:00:00
(RHSA-2015:0990) Important: pcs security and bug fix update
2015-05-12 00:00:00
nessus
nessus
Fedora 21 : pcs-0.9.137-4.fc21 (2015-8788)
2015-06-05 00:00:00
RHEL 7 : pcs (RHSA-2015:0980)
2015-05-13 00:00:00
CentOS 7 : pcs (CESA-2015:0980)
2015-05-13 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: pcs-0.9.137-4.fc21
2015-06-04 20:16:31
[SECURITY] Fedora 20 Update: pcs-0.9.115-3.fc20
2015-06-04 20:11:38
[SECURITY] Fedora 22 Update: pcs-0.9.139-4.fc22
2015-06-04 20:18:02
veracode
veracode
Information Disclosure
2019-05-02 05:39:10
SSL Cookie Without Secure Flag
2019-01-15 09:05:55
cvelist
cvelist
CVE-2015-1848
2015-05-14 14:00:00
CVE-2015-3983
2015-05-14 14:00:00
openvas
openvas
Fedora Update for pcs FEDORA-2015-8765
2015-07-07 00:00:00
Fedora Update for pcs FEDORA-2015-8761
2015-06-09 00:00:00
Fedora Update for pcs FEDORA-2015-8788
2015-06-09 00:00:00
nvd
nvd
CVE-2015-3983
2015-05-14 14:59:12
CVE-2015-1848
2015-05-14 14:59:07
debiancve
debiancve
CVE-2015-3983
2015-05-14 14:59:12
CVE-2015-1848
2015-05-14 14:59:07
prion
prion
Design/Logic Flaw
2015-05-14 14:59:00
centos
centos
pcs, python security update
2015-05-13 00:53:35
pcs security update
2015-05-12 20:48:49