Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
clusterlabs crmsh vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2020-35458
An issue exists in ClusterLabs Hawk 2.x up to and including 2.3.0-x. There is a Ruby shell code injection issue via the hawk_remember_me_id parameter in the login_from_cookie cookie. The user logout routine could be used by unauthenticated remote malicious users to execute code a...
Clusterlabs Hawk 2.2.0-12
Clusterlabs Hawk 2.3.0-12
641
VMScore
CVE-2020-35459
An issue exists in ClusterLabs crmsh up to and including 4.2.1. Local attackers able to call "crm history" (when "crm" is run) were able to execute commands via shell code injection to the crm history commandline, potentially allowing escalation of privileges.
Clusterlabs Crmsh
Debian Debian Linux 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started