RSS   Vulnerabilities for 'Fence-agents'   RSS

2020-01-02
 
CVE-2014-0104

CWE-295
 

 
In fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script which can potentially allow for man-in-the-middle attackers to spoof SSL servers via arbitrary SSL certificates.

 
2019-07-30
 
CVE-2019-10153

CWE-172
 

 
A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member.

 

 >>> Vendor: Clusterlabs 7 Products
Pacemaker
PCS
Pacemaker command line interface
Libqb
Fence-agents
Crmsh
Cluster glue


Copyright 2022, cxsecurity.com

 

Back to Top