Lucene search
Veracode Vulnerability DatabaseVERACODE:12930HistoryJan 15, 2019 - 9:23 a.m.
Information Disclosure
2019-01-1509:23:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
EPSS
0.004
Percentile
74.0%
pcs is vulnerable to information disclosure. The REST interface does not properly remove the pcs debug argument from the /run_pcs query, allowing a remote attacker to obtain confidential information, potentially containing a valid token and allowing for elevation of privileges.
References
access.redhat.com/documentation/en-US/red_hat_enterprise_linux/6/html/6.10_release_notes/index.html
access.redhat.com/documentation/en-US/red_hat_enterprise_linux/6/html/6.10_technical_notes/index.html
access.redhat.com/errata/RHSA-2018:1060
access.redhat.com/errata/RHSA-2018:1927
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1086
www.debian.org/security/2018/dsa-4169
Related
redhatcve
redhatcve
CVE-2018-1086
2018-04-09 11:48:48
osv
osv
CVE-2018-1086
2018-04-12 16:29:00
pcs - security update
2018-04-09 00:00:00
redhat
redhat
(RHSA-2018:1927) Moderate: pcs security update
2018-06-19 02:12:38
(RHSA-2018:1060) Important: pcs security update
2018-04-10 08:05:05
prion
prion
Privilege escalation
2018-04-12 16:29:00
nessus
nessus
Debian DSA-4169-1 : pcs - security update
2018-04-12 00:00:00
NewStart CGSL MAIN 4.05 : pcs Vulnerability (NS-SA-2019-0143)
2019-08-12 00:00:00
CentOS 6 : pcs (CESA-2018:1927)
2018-06-22 00:00:00
cve
cve
CVE-2018-1086
2018-04-12 16:29:00
debiancve
debiancve
CVE-2018-1086
2018-04-12 16:29:00
nvd
nvd
CVE-2018-1086
2018-04-12 16:29:00
cvelist
cvelist
CVE-2018-1086
2018-04-12 16:00:00
centos
centos
pcs security update
2018-06-21 11:55:57
pcs security update
2018-05-30 18:24:25
ubuntucve
ubuntucve
CVE-2018-1086
2018-04-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4169-1)
2018-04-10 00:00:00
Fedora Update for pcs FEDORA-2018-57bbe74c6c
2018-04-19 00:00:00
Fedora Update for pcs FEDORA-2018-ce5d7106d8
2018-04-19 00:00:00
debian
debian
[SECURITY] [DSA 4169-1] pcs security update
2018-04-11 08:26:59
[SECURITY] [DSA 4339-1] ceph security update
2018-11-13 21:48:36
fedora
fedora
[SECURITY] Fedora 27 Update: pcs-0.9.164-1.fc27
2018-04-19 00:32:14
[SECURITY] Fedora 28 Update: pcs-0.9.164-1.fc28
2018-04-15 02:44:28
[SECURITY] Fedora 26 Update: pcs-0.9.160-2.fc26
2018-04-19 00:07:28
oraclelinux
oraclelinux
pcs security update
2018-04-30 00:00:00
amazon
amazon
Important: pcs
2018-04-26 17:41:00