ID CVE-2016-7797
Summary Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.
References
Vulnerable Configurations
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc5:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc5:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc6:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc6:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc7:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc7:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc5:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc5:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.12:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.12:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.13:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.13:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc5:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc5:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp2:*:*:*:*:*:*
    cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp2:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*
    cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_high_availability:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_high_availability:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 30-10-2018 - 16:27)
Impact:
Exploitability:
CWE CWE-254
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
bugzilla
id 1379784
title CVE-2016-7797 pacemaker: pacemaker remote nodes vulnerable to hijacking, resulting in a DoS attack
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 7 Client is installed
      oval oval:com.redhat.rhba:tst:20150364001
    • comment Red Hat Enterprise Linux 7 Server is installed
      oval oval:com.redhat.rhba:tst:20150364002
    • comment Red Hat Enterprise Linux 7 Workstation is installed
      oval oval:com.redhat.rhba:tst:20150364003
    • comment Red Hat Enterprise Linux 7 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20150364004
  • OR
    • AND
      • comment pacemaker is earlier than 0:1.1.15-11.el7
        oval oval:com.redhat.rhsa:tst:20162578007
      • comment pacemaker is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20131635006
    • AND
      • comment pacemaker-cli is earlier than 0:1.1.15-11.el7
        oval oval:com.redhat.rhsa:tst:20162578015
      • comment pacemaker-cli is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20131635014
    • AND
      • comment pacemaker-cluster-libs is earlier than 0:1.1.15-11.el7
        oval oval:com.redhat.rhsa:tst:20162578005
      • comment pacemaker-cluster-libs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20131635016
    • AND
      • comment pacemaker-cts is earlier than 0:1.1.15-11.el7
        oval oval:com.redhat.rhsa:tst:20162578011
      • comment pacemaker-cts is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20131635018
    • AND
      • comment pacemaker-doc is earlier than 0:1.1.15-11.el7
        oval oval:com.redhat.rhsa:tst:20162578021
      • comment pacemaker-doc is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20131635012
    • AND
      • comment pacemaker-libs is earlier than 0:1.1.15-11.el7
        oval oval:com.redhat.rhsa:tst:20162578017
      • comment pacemaker-libs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20131635008
    • AND
      • comment pacemaker-libs-devel is earlier than 0:1.1.15-11.el7
        oval oval:com.redhat.rhsa:tst:20162578009
      • comment pacemaker-libs-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20131635010
    • AND
      • comment pacemaker-nagios-plugins-metadata is earlier than 0:1.1.15-11.el7
        oval oval:com.redhat.rhsa:tst:20162578019
      • comment pacemaker-nagios-plugins-metadata is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20152383010
    • AND
      • comment pacemaker-remote is earlier than 0:1.1.15-11.el7
        oval oval:com.redhat.rhsa:tst:20162578013
      • comment pacemaker-remote is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20131635020
rhsa
id RHSA-2016:2578
released 2016-11-03
severity Moderate
title RHSA-2016:2578: pacemaker security, bug fix, and enhancement update (Moderate)
rpms
  • pacemaker-0:1.1.15-11.el7
  • pacemaker-cli-0:1.1.15-11.el7
  • pacemaker-cluster-libs-0:1.1.15-11.el7
  • pacemaker-cts-0:1.1.15-11.el7
  • pacemaker-doc-0:1.1.15-11.el7
  • pacemaker-libs-0:1.1.15-11.el7
  • pacemaker-libs-devel-0:1.1.15-11.el7
  • pacemaker-nagios-plugins-metadata-0:1.1.15-11.el7
  • pacemaker-remote-0:1.1.15-11.el7
refmap via4
bid 93261
confirm
mlist [oss-security] 20160930 Re: CVE request: pacemaker DoS when pacemaker remote is in use
suse
  • SUSE-SU-2016:2869
  • openSUSE-SU-2016:2965
  • openSUSE-SU-2016:3101
Last major update 30-10-2018 - 16:27
Published 24-03-2017 - 15:59
Back to Top