Vulnerabilities > Clusterlabs > PCS > High

DATE CVE VULNERABILITY TITLE RISK
2022-09-06 CVE-2022-2735 Incorrect Default Permissions vulnerability in multiple products
A vulnerability was found in the PCS project.
local
low complexity
clusterlabs debian CWE-276
7.8
7.8
2022-03-25 CVE-2022-1049 Improper Authentication vulnerability in multiple products
A flaw was found in the Pacemaker configuration tool (pcs).
network
low complexity
clusterlabs debian CWE-287
8.8
8.8
2017-04-21 CVE-2016-0721 Session Fixation vulnerability in multiple products
Session fixation vulnerability in pcsd in pcs before 0.9.157.
network
low complexity
clusterlabs redhat fedoraproject CWE-384
8.1
8.1
2017-04-21 CVE-2016-0720 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.
network
low complexity
clusterlabs redhat fedoraproject CWE-352
8.8
8.8