Vulnerabilities > Clusterlabs > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-3049 | A flaw was found in Booth, a cluster ticket manager. | 5.9 |
| 2022-07-28 | CVE-2022-2553 | The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. | 6.5 |
| 2021-10-18 | CVE-2010-2496 | Improper Authentication vulnerability in Clusterlabs Cluster Glue and Pacemaker stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. | 5.5 |
| 2020-01-02 | CVE-2014-0104 | Improper Certificate Validation vulnerability in Clusterlabs Fence-Agents In fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script which can potentially allow for man-in-the-middle attackers to spoof SSL servers via arbitrary SSL certificates. | 5.9 |
| 2019-11-12 | CVE-2011-5271 | Link Following vulnerability in Clusterlabs Pacemaker Pacemaker before 1.1.6 configure script creates temporary files insecurely | 5.5 |
| 2019-07-30 | CVE-2019-10153 | A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. | 5.0 |
| 2019-04-18 | CVE-2018-16878 | Resource Exhaustion vulnerability in multiple products A flaw was found in pacemaker up to and including version 2.0.1. | 5.5 |
| 2018-04-12 | CVE-2018-1079 | Path Traversal vulnerability in multiple products pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. | 6.5 |
| 2018-03-12 | CVE-2017-2661 | Cross-site Scripting vulnerability in Clusterlabs PCS ClusterLabs pcs before version 0.9.157 is vulnerable to a cross-site scripting vulnerability due to improper validation of Node name field when creating new cluster or adding existing cluster. | 6.1 |