vulnerability
Amazon Linux AMI 2: CVE-2018-16877: Security patch for pacemaker (ALAS-2019-1275)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Apr 18, 2019 | Apr 27, 2020 | Nov 27, 2024 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Apr 18, 2019
Added
Apr 27, 2020
Modified
Nov 27, 2024
Description
A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.
Solutions
amazon-linux-ami-2-upgrade-pacemakeramazon-linux-ami-2-upgrade-pacemaker-cliamazon-linux-ami-2-upgrade-pacemaker-cluster-libsamazon-linux-ami-2-upgrade-pacemaker-ctsamazon-linux-ami-2-upgrade-pacemaker-debuginfoamazon-linux-ami-2-upgrade-pacemaker-docamazon-linux-ami-2-upgrade-pacemaker-libsamazon-linux-ami-2-upgrade-pacemaker-libs-develamazon-linux-ami-2-upgrade-pacemaker-nagios-plugins-metadataamazon-linux-ami-2-upgrade-pacemaker-remote
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.