6 matches found
SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0090-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0090-1 advisory. This update for hawk2 fixes the following security issue: - CVE-2020-35458: Fixed an insufficient input sanitation that could have led to remote code...
SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0198-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0198-1 advisory. hawk2 was updated to version 2.5. Security issue fixed: - Fixed another possible code execution vulnerability in the controller code bsc1179998. Tenabl...
SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0192-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0192-1 advisory. hawk2 was updated to version 2.5. Security issue fixed: - Fixed another possible code execution vulnerability in the controller code bsc1179998. Tenabl...
SUSE SLES12 Security Update : hawk2 (SUSE-SU-2021:0089-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:0089-1 advisory. This update for hawk2 fixes the following security issue: - CVE-2020-35458: Fixed an insufficient input handler that could have led to remote code...
CVE-2020-35458
An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the loginfromcookie cookie. The user logout routine could be used by unauthenticated remote attackers to execute code as hauser...
CVE-2020-35458
An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawkremembermeid parameter in the loginfromcookie cookie. The user logout routine could be used by unauthenticated remote attackers to execute code as hauser...