Vulnerabilities > Clusterlabs > Fence Agents > 3.9.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-02 | CVE-2014-0104 | Improper Certificate Validation vulnerability in Clusterlabs Fence-Agents In fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script which can potentially allow for man-in-the-middle attackers to spoof SSL servers via arbitrary SSL certificates. | 4.3 |
| 2019-07-30 | CVE-2019-10153 | A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. | 5.0 |