Fence-Agents vulnerabilities
2 known vulnerabilities affecting fence-agents/fence-agents.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2014-0104P4MEDIUMCVSS 5.9vbefore 4.0.172020-01-02
CVE-2014-0104 [MEDIUM] CWE-295 CVE-2014-0104: In fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py scri
In fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script which can potentially allow for man-in-the-middle attackers to spoof SSL servers via arbitrary SSL certificates.
nvdosv
CVE-2019-10153P4MEDIUMCVSS 5.0≥ 0, < 4.3.3-22019-07-30
CVE-2019-10153 [MEDIUM] CVE-2019-10153: A flaw was discovered in fence-agents, prior to version 4
A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member.
osv