Vulnerabilities > Clusterlabs

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-12	CVE-2017-2661	Cross-site Scripting vulnerability in Clusterlabs PCS ClusterLabs pcs before version 0.9.157 is vulnerable to a cross-site scripting vulnerability due to improper validation of Node name field when creating new cluster or adding existing cluster. network clusterlabs CWE-79	4.3
2017-04-21	CVE-2016-0721	Session Fixation vulnerability in multiple products Session fixation vulnerability in pcsd in pcs before 0.9.157. network low complexity clusterlabs redhat fedoraproject CWE-384	8.1
2017-04-21	CVE-2016-0720	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. network low complexity clusterlabs redhat fedoraproject CWE-352	8.8
2017-03-24	CVE-2016-7797	7PK - Security Features vulnerability in multiple products Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. network low complexity clusterlabs opensuse opensuse-project suse redhat CWE-254	5.0
2013-11-23	CVE-2013-0281	Resource Management Errors vulnerability in multiple products Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking). network redhat clusterlabs CWE-399	4.3

Vulnerabilities > Clusterlabs {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Clusterlabs"}]}