Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pacemaker configuration system vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2015-5189
Race condition in pcsd in PCS 0.9.139 and previous versions uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.
Pacemaker\\/corosync Configuration System Project Pacemaker\\/corosync Configuration System
756
VMScore
CVE-2015-5190
The pcsd web UI in PCS 0.9.139 and previous versions allows remote authenticated users to execute arbitrary commands via "escape characters" in a URL.
Pacemaker\\/corosync Configuration System Project Pacemaker\\/corosync Configuration System
383
VMScore
CVE-2015-3983
The pcs daemon (pcsd) in PCS 0.9.137 and previous versions does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote malicious users to obtain potentially sensitive information via script access to this cookie. NOTE: this issue was SPLIT from CVE...
Fedora Pacemaker Configuration System
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started