CVE-2015-1867

Published: Aug 12, 2015
Updated: Apr 13, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2015-1867" target="_blank" rel="noopener"> CVE-2015-1867
Severity: High
Exploit:

Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command.

CVSS v2:

CWEs:

Software	From	Fixed in
redhat / enterprise_linux_high_availability	6.0	6.0.x
redhat / enterprise_linux_resilient_storage	7.0	7.0.x
redhat / enterprise_linux_resilient_storage	6.0	6.0.x
redhat / enterprise_linux_high_availability	7.0	7.0.x
clusterlabs / pacemaker	-	1.1.12.x