Pcs Security Vulnerabilities and Issues — Pcs CVE List

Lucene search

ClusterlabsPcs

4 matches found

CVE•added 2017/04/21 3:59 p.m.•82 views

CVE-2016-0720

Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.

8.8CVSS8.6AI score0.00196EPSS

CVE•added 2022/03/25 7:15 p.m.•82 views

CVE-2022-1049

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

8.8CVSS8.4AI score0.00118EPSS

CVE•added 2017/04/21 3:59 p.m.•80 views

CVE-2016-0721

Session fixation vulnerability in pcsd in pcs before 0.9.157.

8.1CVSS8.1AI score0.00288EPSS

CVE•added 2018/04/12 5:29 p.m.•53 views

CVE-2018-1079

pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from the /remote/put_file query. If the /etc/booth directory exists, an authenticated attacker with wri...

8.7CVSS6.8AI score0.00408EPSS