6.2
CVE-2018-16878
- EPSS 0.44%
- Veröffentlicht 18.04.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:30
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Clusterlabs ≫ Pacemaker Version <= 2.0.1
Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version18.10
Canonical ≫ Ubuntu Linux Version19.04
Fedoraproject ≫ Fedora Version28
Fedoraproject ≫ Fedora Version29
Fedoraproject ≫ Fedora Version30
Debian ≫ Debian Linux Version9.0
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Aus Version8.2
Redhat ≫ Enterprise Linux Aus Version8.4
Redhat ≫ Enterprise Linux Aus Version8.6
Redhat ≫ Enterprise Linux Eus Version8.1
Redhat ≫ Enterprise Linux Eus Version8.2
Redhat ≫ Enterprise Linux Eus Version8.4
Redhat ≫ Enterprise Linux Eus Version8.6
Redhat ≫ Enterprise Linux Tus Version8.2
Redhat ≫ Enterprise Linux Tus Version8.4
Redhat ≫ Enterprise Linux Tus Version8.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.44% | 0.348 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:P
|
| secalert@redhat.com | 6.2 | 2.5 | 3.6 |
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00034.html
https://access.redhat.com/errata/RHSA-2019:1278
https://access.redhat.com/errata/RHSA-2019:1279
https://github.com/ClusterLabs/pacemaker/pull/1749
https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HR6QUYGML735EI3HEEHYRDW7EG73BUH2/
https://security.gentoo.org/glsa/202309-09
https://usn.ubuntu.com/3952-1/
http://www.securityfocus.com/bid/108039
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16878