CentOS Linux: CVE-2019-10153: Moderate: fence-agents security, bug fix, and enhancement update (CESA-2019:2037)
4
(AV:N/AC:L/Au:S/C:N/I:N/A:P)
07/30/2019
08/29/2019
08/28/2019
05/25/2023
Description
A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member.
Solution(s)
- centos-upgrade-fence-agents-all
- centos-upgrade-fence-agents-amt-ws
- centos-upgrade-fence-agents-apc
- centos-upgrade-fence-agents-apc-snmp
- centos-upgrade-fence-agents-bladecenter
- centos-upgrade-fence-agents-brocade
- centos-upgrade-fence-agents-cisco-mds
- centos-upgrade-fence-agents-cisco-ucs
- centos-upgrade-fence-agents-common
- centos-upgrade-fence-agents-compute
- centos-upgrade-fence-agents-debuginfo
- centos-upgrade-fence-agents-drac5
- centos-upgrade-fence-agents-eaton-snmp
- centos-upgrade-fence-agents-emerson
- centos-upgrade-fence-agents-eps
- centos-upgrade-fence-agents-heuristics-ping
- centos-upgrade-fence-agents-hpblade
- centos-upgrade-fence-agents-ibmblade
- centos-upgrade-fence-agents-ifmib
- centos-upgrade-fence-agents-ilo-moonshot
- centos-upgrade-fence-agents-ilo-mp
- centos-upgrade-fence-agents-ilo-ssh
- centos-upgrade-fence-agents-ilo2
- centos-upgrade-fence-agents-intelmodular
- centos-upgrade-fence-agents-ipdu
- centos-upgrade-fence-agents-ipmilan
- centos-upgrade-fence-agents-kdump
- centos-upgrade-fence-agents-mpath
- centos-upgrade-fence-agents-redfish
- centos-upgrade-fence-agents-rhevm
- centos-upgrade-fence-agents-rsa
- centos-upgrade-fence-agents-rsb
- centos-upgrade-fence-agents-sbd
- centos-upgrade-fence-agents-scsi
- centos-upgrade-fence-agents-virsh
- centos-upgrade-fence-agents-vmware-rest
- centos-upgrade-fence-agents-vmware-soap
- centos-upgrade-fence-agents-wti
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center