Vulnerability Details CVE-2015-5189
Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.0%
CVSS Severity
CVSS v2 Score 4.9
References
Products affected by CVE-2015-5189
-
Pacemaker/corosync Configuration System Project » Pacemaker/corosync Configuration System » Version: Anycpe:2.3:a:pacemaker/corosync_configuration_system_project:pacemaker/corosync_configuration_system:*