CVE-2016-7797

NONE EPSS 86.8%
Published Mar 24, 20179y ago · Modified Jun 17, 20262w ago
Find Similar
Published Mar 24, 2017 9y ago
Last Modified Jun 17, 2026 2w ago

Description

Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

Threat Intelligence

EPSS Exploit Probability
86.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-254

Affected Products 7

VendorProductVersionRange
clusterlabspacemaker* ≤1.1.14
opensuseleap42.2any
opensuse_projectleap42.1any
suselinux_enterprise_high_availability12any
suselinux_enterprise_software_development_kit12any
redhatenterprise_linux_high_availability7.0any
redhatenterprise_linux_resilient_storage7.0any

References 8

  • bugs.clusterlabs.org http://bugs.clusterlabs.org/show_bug.cgi?id=5269
    Issue TrackingVendor Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00038.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00001.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2016-12/msg00077.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2016-2578.html
    Third Party Advisory
  • openwall.com http://www.openwall.com/lists/oss-security/2016/10/01/1
    Mailing ListPatchThird Party Advisory
  • securityfocus.com http://www.securityfocus.com/bid/93261
    Third Party AdvisoryVDB Entry
  • github.com https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410
    PatchThird Party Advisory

Remediation

  • openwall.com http://www.openwall.com/lists/oss-security/2016/10/01/1
    Mailing ListPatchThird Party Advisory
  • github.com https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410
    PatchThird Party Advisory