pacemaker is vulnerable to authorization bypass. The vulnerability exists through an ACL bypass flaw, where users can use IPC
communication with the various daemons directly to bypass ACL restrictions.
bugzilla.redhat.com/show_bug.cgi?id=1888191
lists.clusterlabs.org/pipermail/users/2020-October/027840.html
lists.debian.org/debian-lts-announce/2021/01/msg00007.html
lists.fedoraproject.org/archives/list/[email protected]/message/HMSWPVSLEUN4QCZPHKBMBZVUXLKKNSMM/
lists.fedoraproject.org/archives/list/[email protected]/message/NG7YJDH5DNOTKZJOHFWSACULGPJUOJMZ/
seclists.org/oss-sec/2020/q4/83
www.openwall.com/lists/oss-security/2020/10/27/1