CVE-2013-0281

{"id": "CVE-2013-0281", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-11-23T11:55:04.287", "references": [{"url": "http://rhn.redhat.com/errata/RHSA-2013-1635.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891922", "source": "secalert@redhat.com"}, {"url": "https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93", "tags": ["Exploit", "Patch"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1635.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891922", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93", "tags": ["Exploit", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking)."}, {"lang": "es", "value": "Pacemaker 1.1.10, cuando la configuraci\u00f3n o recurso de la administraci\u00f3n remota Cluster Information Base (CIB) est\u00e1 activada, no limita la duraci\u00f3n de las conexiones hacia los sockets de bloqueo, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bloqueo de conexi\u00f3n)."}], "lastModified": "2024-11-21T01:47:13.207", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:clusterlabs:pacemaker:1.1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "477AF770-650A-4292-BB7E-F0BF092187E9"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}