CVE-2018-1079
NONE EPSS 61.7%
Published Apr 12, 20188y ago · Modified Jun 17, 20262w ago
Published Apr 12, 2018 8y ago
Last Modified Jun 17, 2026 2w ago
Description
pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from the /remote/put_file query. If the /etc/booth directory exists, an authenticated attacker with write permissions could create or overwrite arbitrary files with arbitrary data outside of the /etc/booth directory, in the context of the pcsd process.
Threat Intelligence
EPSS Exploit Probability
61.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 2
CWE-22 Path Traversal Resource Mgmt
CWE-552
Affected Products 4
| Vendor | Product | Version | Range |
|---|---|---|---|
| clusterlabs | pacemaker_command_line_interface | * | ≤0.9.164 |
| clusterlabs | pacemaker_command_line_interface | 0.10 | any |
| redhat | enterprise_linux | 7.0 | any |
| redhat | enterprise_linux | 7.5 | any |
References 2
- access.redhat.com https://access.redhat.com/errata/RHSA-2018:1060
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1079
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.