CVE-2015-1867
published 2015-08-12CVE-2015-1867: Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command.
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clusterlabs | pacemaker | <= 1.1.12 | — |
| debian | pacemaker | — | — |
| redhat | enterprise_linux_high_availability | — | — |
| redhat | enterprise_linux_high_availability | — | — |
| redhat | enterprise_linux_resilient_storage | — | — |
| redhat | enterprise_linux_resilient_storage | — | — |