CVE-2013-0281

high

Description

Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking).

References

https://bugzilla.redhat.com/show_bug.cgi?id=891922

http://rhn.redhat.com/errata/RHSA-2013-1635.html

Details

Source: Mitre, NVD

Published: 2013-11-23

Updated: 2019-04-22

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High