Redhat » Enterprise Linux Server Eus » 7.3 : Security Vulnerabilities, CVEs, Published In 2018 (Bypass)
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.
Max CVSS
8.8
EPSS Score
0.06%
Published
2018-09-10
Updated
2019-10-09
It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.
Max CVSS
6.5
EPSS Score
0.65%
Published
2018-10-31
Updated
2022-08-29
2 vulnerabilities found