ID CVE-2020-25654
Summary An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration.
References
Vulnerable Configurations
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.5:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.5:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:0.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:0.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc5:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc5:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc6:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc6:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc7:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.10:rc7:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc5:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.11:rc5:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.12:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.12:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.12:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.13:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.13:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.13:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc5:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.14:rc5:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.15:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.15:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.15:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.16:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.16:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.16:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.16:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.16:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.16:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.17:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.17:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.17:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.18:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.18:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.18:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.19:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.19:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.19:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.19:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.20:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.20:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.20:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.21:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.21:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:1.1.21:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:1.1.21:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc5:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc5:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc6:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.0:rc6:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.1:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.1:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc3:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc4:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc4:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc5:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.1:rc5:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.2:-:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.2:-:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.2:rc2:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:clusterlabs:pacemaker:2.0.2:rc3:*:*:*:*:*:*
    cpe:2.3:a:clusterlabs:pacemaker:2.0.2:rc3:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
CVSS
Base: 9.0 (as of 29-09-2023 - 11:15)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:C/I:C/A:C
redhat via4
advisories
  • bugzilla
    id 1888191
    title CVE-2020-25654 pacemaker: ACL restrictions bypass
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment pacemaker is earlier than 0:1.1.23-1.el7_9.1
            oval oval:com.redhat.rhsa:tst:20205453001
          • comment pacemaker is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635002
        • AND
          • comment pacemaker-cli is earlier than 0:1.1.23-1.el7_9.1
            oval oval:com.redhat.rhsa:tst:20205453003
          • comment pacemaker-cli is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635004
        • AND
          • comment pacemaker-cluster-libs is earlier than 0:1.1.23-1.el7_9.1
            oval oval:com.redhat.rhsa:tst:20205453005
          • comment pacemaker-cluster-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635006
        • AND
          • comment pacemaker-cts is earlier than 0:1.1.23-1.el7_9.1
            oval oval:com.redhat.rhsa:tst:20205453007
          • comment pacemaker-cts is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635008
        • AND
          • comment pacemaker-doc is earlier than 0:1.1.23-1.el7_9.1
            oval oval:com.redhat.rhsa:tst:20205453009
          • comment pacemaker-doc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635010
        • AND
          • comment pacemaker-libs is earlier than 0:1.1.23-1.el7_9.1
            oval oval:com.redhat.rhsa:tst:20205453011
          • comment pacemaker-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635012
        • AND
          • comment pacemaker-libs-devel is earlier than 0:1.1.23-1.el7_9.1
            oval oval:com.redhat.rhsa:tst:20205453013
          • comment pacemaker-libs-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635014
        • AND
          • comment pacemaker-nagios-plugins-metadata is earlier than 0:1.1.23-1.el7_9.1
            oval oval:com.redhat.rhsa:tst:20205453015
          • comment pacemaker-nagios-plugins-metadata is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152383016
        • AND
          • comment pacemaker-remote is earlier than 0:1.1.23-1.el7_9.1
            oval oval:com.redhat.rhsa:tst:20205453017
          • comment pacemaker-remote is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635016
    rhsa
    id RHSA-2020:5453
    released 2020-12-15
    severity Moderate
    title RHSA-2020:5453: pacemaker security update (Moderate)
  • bugzilla
    id 1888191
    title CVE-2020-25654 pacemaker: ACL restrictions bypass
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • comment pacemaker is earlier than 0:2.0.4-6.el8_3.1
            oval oval:com.redhat.rhsa:tst:20205487001
          • comment pacemaker is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635002
        • AND
          • comment pacemaker-cli is earlier than 0:2.0.4-6.el8_3.1
            oval oval:com.redhat.rhsa:tst:20205487003
          • comment pacemaker-cli is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635004
        • AND
          • comment pacemaker-cluster-libs is earlier than 0:2.0.4-6.el8_3.1
            oval oval:com.redhat.rhsa:tst:20205487005
          • comment pacemaker-cluster-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635006
        • AND
          • comment pacemaker-cts is earlier than 0:2.0.4-6.el8_3.1
            oval oval:com.redhat.rhsa:tst:20205487007
          • comment pacemaker-cts is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635008
        • AND
          • comment pacemaker-debugsource is earlier than 0:2.0.4-6.el8_3.1
            oval oval:com.redhat.rhsa:tst:20205487009
          • comment pacemaker-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191279010
        • AND
          • comment pacemaker-doc is earlier than 0:2.0.4-6.el8_3.1
            oval oval:com.redhat.rhsa:tst:20205487011
          • comment pacemaker-doc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635010
        • AND
          • comment pacemaker-libs is earlier than 0:2.0.4-6.el8_3.1
            oval oval:com.redhat.rhsa:tst:20205487013
          • comment pacemaker-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635012
        • AND
          • comment pacemaker-libs-devel is earlier than 0:2.0.4-6.el8_3.1
            oval oval:com.redhat.rhsa:tst:20205487015
          • comment pacemaker-libs-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635014
        • AND
          • comment pacemaker-nagios-plugins-metadata is earlier than 0:2.0.4-6.el8_3.1
            oval oval:com.redhat.rhsa:tst:20205487017
          • comment pacemaker-nagios-plugins-metadata is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152383016
        • AND
          • comment pacemaker-remote is earlier than 0:2.0.4-6.el8_3.1
            oval oval:com.redhat.rhsa:tst:20205487019
          • comment pacemaker-remote is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131635016
        • AND
          • comment pacemaker-schemas is earlier than 0:2.0.4-6.el8_3.1
            oval oval:com.redhat.rhsa:tst:20205487021
          • comment pacemaker-schemas is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191279022
    rhsa
    id RHSA-2020:5487
    released 2020-12-15
    severity Moderate
    title RHSA-2020:5487: pacemaker security update (Moderate)
rpms
  • pacemaker-0:2.0.3-5.el8_2.3
  • pacemaker-cli-0:2.0.3-5.el8_2.3
  • pacemaker-cli-debuginfo-0:2.0.3-5.el8_2.3
  • pacemaker-cluster-libs-0:2.0.3-5.el8_2.3
  • pacemaker-cluster-libs-debuginfo-0:2.0.3-5.el8_2.3
  • pacemaker-cts-0:2.0.3-5.el8_2.3
  • pacemaker-debuginfo-0:2.0.3-5.el8_2.3
  • pacemaker-debugsource-0:2.0.3-5.el8_2.3
  • pacemaker-doc-0:2.0.3-5.el8_2.3
  • pacemaker-libs-0:2.0.3-5.el8_2.3
  • pacemaker-libs-debuginfo-0:2.0.3-5.el8_2.3
  • pacemaker-libs-devel-0:2.0.3-5.el8_2.3
  • pacemaker-nagios-plugins-metadata-0:2.0.3-5.el8_2.3
  • pacemaker-remote-0:2.0.3-5.el8_2.3
  • pacemaker-remote-debuginfo-0:2.0.3-5.el8_2.3
  • pacemaker-schemas-0:2.0.3-5.el8_2.3
  • pacemaker-0:1.1.23-1.el7_9.1
  • pacemaker-cli-0:1.1.23-1.el7_9.1
  • pacemaker-cluster-libs-0:1.1.23-1.el7_9.1
  • pacemaker-cts-0:1.1.23-1.el7_9.1
  • pacemaker-debuginfo-0:1.1.23-1.el7_9.1
  • pacemaker-doc-0:1.1.23-1.el7_9.1
  • pacemaker-libs-0:1.1.23-1.el7_9.1
  • pacemaker-libs-devel-0:1.1.23-1.el7_9.1
  • pacemaker-nagios-plugins-metadata-0:1.1.23-1.el7_9.1
  • pacemaker-remote-0:1.1.23-1.el7_9.1
  • pacemaker-0:2.0.4-6.el8_3.1
  • pacemaker-cli-0:2.0.4-6.el8_3.1
  • pacemaker-cli-debuginfo-0:2.0.4-6.el8_3.1
  • pacemaker-cluster-libs-0:2.0.4-6.el8_3.1
  • pacemaker-cluster-libs-debuginfo-0:2.0.4-6.el8_3.1
  • pacemaker-cts-0:2.0.4-6.el8_3.1
  • pacemaker-debuginfo-0:2.0.4-6.el8_3.1
  • pacemaker-debugsource-0:2.0.4-6.el8_3.1
  • pacemaker-doc-0:2.0.4-6.el8_3.1
  • pacemaker-libs-0:2.0.4-6.el8_3.1
  • pacemaker-libs-debuginfo-0:2.0.4-6.el8_3.1
  • pacemaker-libs-devel-0:2.0.4-6.el8_3.1
  • pacemaker-nagios-plugins-metadata-0:2.0.4-6.el8_3.1
  • pacemaker-remote-0:2.0.4-6.el8_3.1
  • pacemaker-remote-debuginfo-0:2.0.4-6.el8_3.1
  • pacemaker-schemas-0:2.0.4-6.el8_3.1
refmap via4
misc
mlist [debian-lts-announce] 20210106 [SECURITY] [DLA 2519-1] pacemaker security update
Last major update 29-09-2023 - 11:15
Published 24-11-2020 - 20:15
Last modified 29-09-2023 - 11:15
Back to Top