Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.30 views

NewStart CGSL MAIN 4.05 : pcs Vulnerability (NS-SA-2019-0143)

The remote NewStart CGSL host, running version MAIN 4.05, has pcs packages installed that are affected by a vulnerability: - It was found that the REST interface of the pcsd service did not properly remove the pcs debug argument from the /runpcs query, possibly disclosing sensitive information. A...

7.5CVSS6.3AI score0.01655EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.35 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : pcs Multiple Vulnerabilities (NS-SA-2019-0042)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pcs packages installed that are affected by multiple vulnerabilities: - Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in...

8.7CVSS6.6AI score0.02489EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.38 views

Fedora 28 : pcs (2018-bbfb0f5bc9)

Security fix for CVE-2018-1086 and CVE-2018-1079 Rebased to latest upstream sources Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible witho...

8.7CVSS6.3AI score0.01655EPSS
Exploits0References3
Debian
Debian
added 2018/11/13 9:48 p.m.424 views

[SECURITY] [DSA 4339-1] ceph security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4339-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 13, 2018 https://www.debian.org/security/faq -...

7.5CVSS8.1AI score0.01902EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/07/03 12:0 a.m.33 views

Scientific Linux Security Update : pcs on SL6.x i386/x86_64 (20180619)

Security Fixes : - pcs: Debug parameter removal bypass, allowing information disclosure CVE-2018-1086 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid110889; scriptversion"1.6";...

7.5CVSS6.2AI score0.01655EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/06/22 12:0 a.m.48 views

CentOS 6 : pcs (CESA-2018:1927)

An update for pcs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

7.5CVSS6.4AI score0.01655EPSS
Exploits0References2
Cent OS
Cent OS
added 2018/06/21 11:55 a.m.70 views

pcs security update

CentOS Errata and Security Advisory CESA-2018:1927 An update for pcs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS6.6AI score0.01655EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2018/06/19 5:8 a.m.67 views

Moderate: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

7.5CVSS6.6AI score0.01655EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/06/19 12:0 a.m.34 views

RHEL 6 : pcs (RHSA-2018:1927)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:1927 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: pcs: Debug parameter removal...

7.5CVSS6.5AI score0.01655EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2018/06/05 12:0 a.m.32 views

CentOS Update for pcs CESA-2018:1060 centos7

Check the version of pcs SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882895";...

8.7CVSS6.8AI score0.02489EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/05/31 12:0 a.m.39 views

CentOS 7 : pcs (CESA-2018:1060)

An update for pcs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

8.7CVSS6.4AI score0.02489EPSS
Exploits0References4
Cent OS
Cent OS
added 2018/05/30 6:24 p.m.109 views

pcs security update

CentOS Errata and Security Advisory CESA-2018:1060 An update for pcs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

8.7CVSS6.6AI score0.02489EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2018/05/01 12:0 a.m.46 views

Scientific Linux Security Update : pcs on SL7.x x86_64 (20180410)

Security Fixes : - pcs: Privilege escalation via authorized user malicious REST call CVE-2018-1079 - pcs: Debug parameter removal bypass, allowing information disclosure CVE-2018-1086 - rack-protection: Timing attack in authenticitytoken.rb CVE-2018-1000119 C Tenable Network Security, Inc. The...

8.7CVSS6.3AI score0.02489EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/05/01 12:0 a.m.31 views

Oracle Linux 7 : pcs (ELSA-2018-1060)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-1060 advisory. - Fixed CVE-2018-1086 pcs: Debug parameter removal bypass, allowing information disclosure - Fixed CVE-2018-1079 pcs: Privilege escalation via authoriz...

8.7CVSS6.5AI score0.02489EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/04/27 12:0 a.m.42 views

Amazon Linux 2 : pcs (ALAS-2018-1005)

Debug parameter removal bypass, allowing information disclosure It was found that the REST interface of the pcsd service did not properly remove the pcs debug argument from the /runpcs query, possibly disclosing sensitive information. A remote attacker with a valid token could use this flaw to...

8.7CVSS6.5AI score0.02489EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2018/04/19 12:0 a.m.29 views

Fedora Update for pcs FEDORA-2018-57bbe74c6c

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS7AI score0.01655EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/04/19 12:0 a.m.27 views

Fedora 27 : pcs (2018-57bbe74c6c)

Security fix for CVE-2018-1086 and CVE-2018-1079 Rebased to latest upstream sources Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible witho...

8.7CVSS6.3AI score0.01655EPSS
Exploits0References3
CVE
CVE
added 2018/04/12 4:0 p.m.101 views

CVE-2018-1086

CVE-2018-1086 affects the pcs/pcsd REST interface where the debug argument is not removed from the /run_pcs query, allowing information disclosure and privilege escalation for a remote attacker with a valid token. Affected are pcs before versions 0.9.164 and 0.10 (per multiple advisories). Remedi...

7.5CVSS7.2AI score0.01655EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2018/04/10 8:23 p.m.43 views

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

8.7CVSS6.6AI score0.02489EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2018/04/09 11:48 a.m.38 views

CVE-2018-1086

It was found that the REST interface of the pcsd service did not properly remove the pcs debug argument from the /runpcs query, possibly disclosing sensitive information. A remote attacker with a valid token could use this flaw to elevate their privilege...

7.5CVSS3.5AI score0.01655EPSS
Exploits0References1
Rows per page
Query Builder