In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property
References
Configurations
History
07 Nov 2023, 03:39
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-11-26 00:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-44225
Mitre link : CVE-2021-44225
CVE.ORG link : CVE-2021-44225
JSON object : View
Products Affected
fedoraproject
- fedora
keepalived
- keepalived
CWE