A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw allows an attacker to have complete control over the cluster managed by PCS.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2022-09-06T17:18:51
Updated: 2024-08-03T00:46:04.116Z
Reserved: 2022-08-09T00:00:00
Link: CVE-2022-2735
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-09-06T18:15:14.880
Modified: 2024-11-21T07:01:36.417
Link: CVE-2022-2735
Redhat