CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

745 matches found

OSV•added 2022/03/25 7:15 p.m.•1 views

DEBIAN-CVE-2022-1049

A flaw was found in the Pacemaker configuration tool pcs. The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login...

8.8CVSS7.4AI score0.00274EPSS

Exploits1References1

OSV•added 2022/03/25 7:15 p.m.•14 views

CVE-2022-1049

8.8CVSS6.6AI score

Exploits0References3

UbuntuCve•added 2022/03/25 7:15 p.m.•22 views

CVE-2022-1049

8.8CVSS7AI score0.00274EPSS

Exploits1References3

ATTACKERKB•added 2022/03/25 7:15 p.m.•5 views

CVE-2022-1049

8.8CVSS7.2AI score0.00274EPSS

Exploits1References9

OSV•added 2022/03/25 7:15 p.m.•0 views

UBUNTU-CVE-2022-1049

8.8CVSS7.1AI score0.00274EPSS

Exploits1References4

Prion•added 2022/03/25 7:15 p.m.•17 views

Design/Logic Flaw

6.5CVSS8.4AI score0.00274EPSS

Exploits1References3Affected Software2

CVE•added 2022/03/25 6:3 p.m.•101 views

CVE-2022-1049

CVE-2022-1049 concerns the Pacemaker configuration tool (pcs) where the daemon allowed expired accounts and accounts with expired passwords to authenticate via PAM, enabling login for unprivileged expired accounts. Connected advisories/plugins reference affected packages across multiple distribut...

8.8CVSS8.4AI score0.00274EPSS

Exploits1References3Affected Software1

Debian CVE•added 2022/03/25 6:3 p.m.•73 views

CVE-2022-1049

8.8CVSS7.7AI score0.00274EPSS

Exploits1

Cvelist•added 2022/03/25 6:3 p.m.•18 views

CVE-2022-1049

8.8AI score0.00274EPSS

Exploits1References3

CNNVD•added 2022/03/25 12:0 a.m.•1 views

Pacemaker 授权问题漏洞

Pacemaker is a scalable, high-availability cluster resource manager. An authorization issue vulnerability exists in pcs in the Pacemaker management tool that stems from the pcs daemon allowing accounts with expired accounts and passwords to log in when using PAM authentication...

8.8CVSS7.3AI score0.00274EPSS

Exploits1References12

RedhatCVE•added 2022/03/22 11:33 a.m.•45 views

CVE-2022-1049

A flaw was found in the Pacemaker configuration tool pcs. The pcs daemon allowed expired accounts and accounts with expired passwords to log in when using PAM authentication. Unprivileged, expired accounts with previously denied access could still log in...

8.8CVSS4.2AI score0.00274EPSS

Exploits1References4

Positive Technologies•added 2022/03/17 12:0 a.m.•4 views

PT-2022-4658 · Unknown +9 · Pacemaker Configuration Tool +9

Name of the Vulnerable Software and Affected Versions: Pacemaker configuration tool pcs affected versions not specified Description: A flaw was found in the Pacemaker configuration tool, allowing expired accounts and accounts with expired passwords to login when using PAM authentication. This iss...

9CVSS7.2AI score0.00274EPSS

Exploits1References94

AlmaLinux•added 2022/03/15 9:9 a.m.•20 views

pcs bug fix and enhancement update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Bug Fixes and Enhancements: Enabling sbd before starting the cluster sets an incorrect validate-with value in /var/lib/pacemaker/cib/cib.xml BZ2042433...

2.1AI score

Exploits0

OSV•added 2022/03/15 9:9 a.m.•5 views

ALBA-2022:0881 pcs bug fix and enhancement update

7.1AI score

Exploits0

IBM Security Bulletins•added 2022/02/21 4:39 a.m.•53 views

Security Bulletin: WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in Pacemaker, ImageMagick, gd-libgd, libxslt, cURL libcurl , Ghostscript.

Summary WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in Pacemaker, ImageMagick, gd-libgd, libxslt, cURL libcurl , Ghostscript. These vulnerabilities are addressed in App connect professional v7.5.4.0 and v7.5.5.0, customer can migrate to these versions without...

9.8CVSS9.5AI score0.74296EPSS

Exploits19Affected Software1

Tenable Nessus•added 2022/02/09 12:0 a.m.•149 views

AlmaLinux 8 : pacemaker (ALSA-2020:5487)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:5487 advisory. - An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various...

9CVSS7.4AI score0.00086EPSS

Exploits0References2

AlmaLinux•added 2022/02/01 8:3 p.m.•19 views

resource-agents bug fix and enhancement update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Bug Fixes and Enhancements: gcp-vpc-move-vip, gcp-vpc-move-route, gcp-pd-move: A failed...

2.1AI score

Exploits0

Rockylinux•added 2022/02/01 8:3 p.m.•5 views

resource-agents bug fix and enhancement update

An update is available for resource-agents. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The resource-agents packages provide the Pacemaker and RGManager...

1.3AI score

Exploits0

OSV•added 2022/02/01 8:3 p.m.•6 views

ALBA-2022:0347 resource-agents bug fix and enhancement update

7AI score

Exploits0

OpenVAS•added 2022/01/28 12:0 a.m.•27 views

Mageia: Security Advisory (MGASA-2014-0069)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.00669EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by