Vulnerabilities > Clusterlabs > Fence Agents > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-01-02 CVE-2014-0104 Improper Certificate Validation vulnerability in Clusterlabs Fence-Agents
In fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script which can potentially allow for man-in-the-middle attackers to spoof SSL servers via arbitrary SSL certificates.
4.3
2019-07-30 CVE-2019-10153 A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception.
network
low complexity
clusterlabs redhat
5.0