CVE-2018-1079

NONE EPSS 61.7%
Published Apr 12, 20188y ago · Modified Jun 17, 20262w ago
Find Similar
Published Apr 12, 2018 8y ago
Last Modified Jun 17, 2026 2w ago

Description

pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from the /remote/put_file query. If the /etc/booth directory exists, an authenticated attacker with write permissions could create or overwrite arbitrary files with arbitrary data outside of the /etc/booth directory, in the context of the pcsd process.

Threat Intelligence

EPSS Exploit Probability
61.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 2

CWE-22 Path Traversal Resource Mgmt
CWE-552

Affected Products 4

VendorProductVersionRange
clusterlabspacemaker_command_line_interface* ≤0.9.164
clusterlabspacemaker_command_line_interface0.10any
redhatenterprise_linux7.0any
redhatenterprise_linux7.5any

References 2

  • access.redhat.com https://access.redhat.com/errata/RHSA-2018:1060
    Third Party Advisory
  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1079
    Issue TrackingThird Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.