Vulnerability Details CVE-2019-10153
A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.2%
CVSS Severity
CVSS v3 Score 5.0
CVSS v2 Score 4.0
References
- https://access.redhat.com/errata/RHSA-2019:2037
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10153
- https://github.com/ClusterLabs/fence-agents/pull/255
- https://github.com/ClusterLabs/fence-agents/pull/272
- https://access.redhat.com/errata/RHSA-2019:2037
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10153
- https://github.com/ClusterLabs/fence-agents/pull/255
- https://github.com/ClusterLabs/fence-agents/pull/272
Products affected by CVE-2019-10153
-
cpe:2.3:a:clusterlabs:fence-agents:-
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.0
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.1
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.10
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.11
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.12
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.2
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.3
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.4
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.5
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.6
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.7
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.8
-
cpe:2.3:a:clusterlabs:fence-agents:3.1.9
-
cpe:2.3:a:clusterlabs:fence-agents:3.9.0
-
cpe:2.3:a:clusterlabs:fence-agents:3.9.1
-
cpe:2.3:a:clusterlabs:fence-agents:3.9.3
-
cpe:2.3:a:clusterlabs:fence-agents:3.9.5
-
cpe:2.3:a:clusterlabs:fence-agents:3.9.6
-
cpe:2.3:a:clusterlabs:fence-agents:3.9.7.1
-
cpe:2.3:a:clusterlabs:fence-agents:3.9.8
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.0
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.1
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.10
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.11
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.12
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.13
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.14
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.15
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.16
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.17
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.18
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.19
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.2
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.20
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.21
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.22
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.23
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.24
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.25
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.3
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.4
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.5
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.6
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.7
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.7.1
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.8
-
cpe:2.3:a:clusterlabs:fence-agents:4.0.9
-
cpe:2.3:a:clusterlabs:fence-agents:4.1.0
-
cpe:2.3:a:clusterlabs:fence-agents:4.1.1
-
cpe:2.3:a:clusterlabs:fence-agents:4.2.0
-
cpe:2.3:a:clusterlabs:fence-agents:4.2.1
-
cpe:2.3:a:clusterlabs:fence-agents:4.3.0
-
cpe:2.3:a:clusterlabs:fence-agents:4.3.1
-
cpe:2.3:a:clusterlabs:fence-agents:4.3.2
-
cpe:2.3:a:clusterlabs:fence-agents:4.3.3
-
cpe:2.3:o:redhat:enterprise_linux:8.0
-
cpe:2.3:o:redhat:enterprise_linux_server:7.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0