Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pacemaker vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv2
CVE-2017-12714
Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do not restrict or limit the number of correctly formatted "RF wake-up" commands that can be received, which may allow a nearby malicious user to repeatedly send commands to reduce pacemaker battery life....
Abbott Accent Firmware
Abbott Anthem Firmware
Abbott Accent Mri Firmware
Abbott Accent St Firmware
Abbott Assurity Firmware
Abbott Allure Firmware
Abbott Assurity Mri Firmware
4.9
CVSSv2
CVE-2015-5189
Race condition in pcsd in PCS 0.9.139 and previous versions uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.
Pacemaker\\/corosync Configuration System Project Pacemaker\\/corosync Configuration System
8.5
CVSSv2
CVE-2015-5190
The pcsd web UI in PCS 0.9.139 and previous versions allows remote authenticated users to execute arbitrary commands via "escape characters" in a URL.
Pacemaker\\/corosync Configuration System Project Pacemaker\\/corosync Configuration System
4.3
CVSSv2
CVE-2015-3983
The pcs daemon (pcsd) in PCS 0.9.137 and previous versions does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote malicious users to obtain potentially sensitive information via script access to this cookie. NOTE: this issue was SPLIT from CVE...
Fedora Pacemaker Configuration System
4.3
CVSSv2
CVE-2013-0281
Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote malicious users to cause a denial of service (connection blocking).
Redhat Enterprise Linux 6.0
Clusterlabs Pacemaker 1.1.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2