In fence-agents prior to 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script which can potentially allow for man-in-the-middle malicious users to spoof SSL servers via arbitrary SSL certificates.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clusterlabs fence-agents |