3 matches found
Astra Linux – Vulnerability in PCS
A flaw was discovered in the Pacemaker configuration tool pcs. The pcs daemon allowed expired accounts, as well as accounts with expired passwords, to log in when using PAM authentication. As a result, unprivileged expired accounts that had been denied access could still log in...
ClusterLabs Pacemaker PCS Daemon Detection
Binary data pcsddetect.nbin...
openstack-puppet-modules: pacemaker configured with default password
It was discovered that the puppet manifests, as provided with the openstack-puppet-modules package, would configure the pcsd daemon with a known default password. If this password was not changed and an attacker was able to gain access to pcsd, they could potentially run shell commands as root...