A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw allows an malicious user to have complete control over the cluster managed by PCS.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clusterlabs pcs |
||
debian debian linux 11.0 |