CVE-2023-27486
CVE-2023-27486 affects xCAT prior to 2.16.5. When zones are enabled for cluster security, a local root user on a node can obtain credentials to SSH to any node across zones (excluding the default-zone management node). The issue is resolved in xCAT 2.16.5. If upgrading is not possible, mitigation...