vulnerability

CentOS: (CVE-2016-7035) CESA-2016:2675: pacemaker

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Nov 3, 2016
Added
Nov 14, 2016
Modified
May 5, 2019

Description

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.

Solution(s)

centos-upgrade-pacemakercentos-upgrade-pacemaker-clicentos-upgrade-pacemaker-cluster-libscentos-upgrade-pacemaker-ctscentos-upgrade-pacemaker-doccentos-upgrade-pacemaker-libscentos-upgrade-pacemaker-libs-develcentos-upgrade-pacemaker-remote
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.