CVE-2016-7797
NONE EPSS 86.8%
Published Mar 24, 20179y ago · Modified Jun 17, 20262w ago
Published Mar 24, 2017 9y ago
Last Modified Jun 17, 2026 2w ago
Description
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.
Threat Intelligence
EPSS Exploit Probability
86.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-254
Affected Products 7
| Vendor | Product | Version | Range |
|---|---|---|---|
| clusterlabs | pacemaker | * | ≤1.1.14 |
| opensuse | leap | 42.2 | any |
| opensuse_project | leap | 42.1 | any |
| suse | linux_enterprise_high_availability | 12 | any |
| suse | linux_enterprise_software_development_kit | 12 | any |
| redhat | enterprise_linux_high_availability | 7.0 | any |
| redhat | enterprise_linux_resilient_storage | 7.0 | any |
References 8
- bugs.clusterlabs.org http://bugs.clusterlabs.org/show_bug.cgi?id=5269
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00038.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00001.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2016-12/msg00077.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2016-2578.html
- openwall.com http://www.openwall.com/lists/oss-security/2016/10/01/1
- securityfocus.com http://www.securityfocus.com/bid/93261
- github.com https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410
Remediation
- openwall.com http://www.openwall.com/lists/oss-security/2016/10/01/1
- github.com https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410