← Back

Pacemaker Configuration System

pacemaker_configuration_system

Vendor: Fedora • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2015-3983
1Fedora
1Pacemaker Configuration System
May 6, 2026
May 14, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this...Show more
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. NOTE: this issue was SPLIT from CVE-2015-1848 per ADT2 due to different vulnerability types.Show less
CVE-2015-1848
2Fedora
Redhat
5Enterprise Linux High Availability
Enterprise Linux High Availability EusEnterprise Linux Resilient Storage+2 more
May 6, 2026
May 14, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an...Show more
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2015-3983 is for the issue with not setting the HTTPOnly flag.Show less