Enterprise Linux Resilient Storage Security Vulnerabilities and Issues — Enterprise Linux Resilient Storage CVE List

Lucene search

RedhatEnterprise Linux Resilient Storage

6 matches found

CVE•added 2022/02/21 3:15 p.m.•957 views

CVE-2021-44142

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and w...

9CVSS8.9AI score0.28831EPSS

CVE•added 2022/02/18 6:15 p.m.•836 views

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

8.5CVSS8.1AI score0.00152EPSS

CVE•added 2022/02/18 6:15 p.m.•616 views

CVE-2016-2124

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.

5.9CVSS7.2AI score0.00681EPSS

CVE•added 2015/08/12 2:59 p.m.•63 views

CVE-2015-1867

Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command.

7.5CVSS7.5AI score0.00714EPSS

CVE•added 2017/03/24 3:59 p.m.•59 views

CVE-2016-7797

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

7.5CVSS7.2AI score0.02954EPSS

CVE•added 2015/05/14 2:59 p.m.•55 views

CVE-2015-1848

The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. NOTE: this issue was SPLIT per ADT2 due to different vulnerabili...

6.8CVSS6.2AI score0.0121EPSS