ALT-PU-2016-1650-1
Closed vulnerabilities
Published: 2017-03-24
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-7797
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- http://bugs.clusterlabs.org/show_bug.cgi?id=5269
- http://bugs.clusterlabs.org/show_bug.cgi?id=5269
- SUSE-SU-2016:2869
- SUSE-SU-2016:2869
- openSUSE-SU-2016:2965
- openSUSE-SU-2016:2965
- openSUSE-SU-2016:3101
- openSUSE-SU-2016:3101
- RHSA-2016:2578
- RHSA-2016:2578
- [oss-security] 20160930 Re: CVE request: pacemaker DoS when pacemaker remote is in use
- [oss-security] 20160930 Re: CVE request: pacemaker DoS when pacemaker remote is in use
- 93261
- 93261
- https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410
- https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410