CVE-2018-1086

2018-04-09T11:48:48
ID RH:CVE-2018-1086
Type redhatcve
Reporter redhat.com
Modified 2021-05-13T02:40:21

Description

It was found that the REST interface of the pcsd service did not properly remove the pcs debug argument from the /run_pcs query, possibly disclosing sensitive information. A remote attacker with a valid token could use this flaw to elevate their privilege.