MiracleLinux 9 : pcp-6.2.0-2.el9 (AXSA:2024-8062:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8062:02 advisory. pcp: exposure of the redis server backend allows remote command execution via pmproxy CVE-2024-3019 Tenable has extracted the preceding description...

CLSA-2025-1764080949 pcp: Fix of CVE-2024-3019

CVE-2024-3019: Fix default pmproxy configuration to restrict access to Redis server backend, preventing remote command execution...

EUVD-2024-31627

Malicious code in bioql PyPI...

SUSE SLES15 Security Update : pcp (SUSE-SU-2025:03233-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03233-1 advisory. - CVE-2024-3019: exposure of the redis server backend allows remote command execution via pmproxy bsc1222121. Tenable has extracted the...

Security update for pcp

This update for pcp fixes the following issues: CVE-2024-3019: exposure of the redis server backend allows remote command execution via pmproxy bsc1222121. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2025:03233-1 Security update for pcp

This update for pcp fixes the following issues: - CVE-2024-3019: exposure of the redis server backend allows remote command execution via pmproxy bsc1222121...

TencentOS Server 3: pcp (TSSA-2024:0223)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0223 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

SUSE-SU-2025:20133-1 Security update for pcp

This update for pcp fixes the following issues: - CVE-2024-45770: Fixed pmpost symlink attack allowing escalating pcp to root user bsc1230552. - CVE-2024-45769: Fixed pmcd heap corruption through metric pmstore operations bsc1230551. - CVE-2024-3019: Fixed exposure of the redis backend server...

Security update for pcp

This update for pcp fixes the following issues: CVE-2024-45770: Fixed pmpost symlink attack allowing escalating pcp to root user bsc1230552. CVE-2024-45769: Fixed pmcd heap corruption through metric pmstore operations bsc1230551. CVE-2024-3019: Fixed exposure of the redis backend server allowing...

ROS-20240904-14

A vulnerability in Performance Co-Pilot performance monitoring and visualization software PCP is related to the mixed privilege levels used by systemd services associated with PCP. Exploitation of the vulnerability could allow an attacker to execute a symbolic link attack and break the isolation ...

Rocky Linux 8 : pcp (RLSA-2024:3264)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3264 advisory. pcp: exposure of the redis server backend allows remote command execution via pmproxy CVE-2024-3019 Tenable has extracted the preceding description block directl...

Oracle Linux 8 : pcp (ELSA-2024-3264)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3264 advisory. 5.3.7-20.0.1 - pcp-zoneinfo fix to replay ol7 archives Orabug: 35903733 - Backporting of python tool pcp-meminfo Orabug: 35759707 - Backporting of python tool...

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

RHEL 8 : pcp (RHSA-2024:3392)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3392 advisory. Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

pcp security, bug fix, and enhancement update

An update is available for pcp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Performance Co-Pilot PCP is a suite of tools, services, and libraries for...

Oracle Linux 9 : pcp (ELSA-2024-2566)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2566 advisory. 6.2.0-2.0.1 - Fixed libpcp derived metric issue for ol9 Orabug: 36538820 6.2.0-2 - Disable RESP proxying by default in pmproxy RHEL-30719 Tenable has extracted...