RHSA-2018:1060HighCVSS 8.7
Red Hat Security Advisory: pcs security update
🔗 CVE IDs covered (3)
📋 Description
CVE-2018-1079 — pcs: Privilege escalation via authorized user malicious REST call CVE-2018-1086 — pcs: Debug parameter removal bypass, allowing information disclosure CVE-2018-1000119 — rack-protection: Timing attack in authenticity_token.rb
🔗 References (6)
- selfhttps://access.redhat.com/errata/RHSA-2018:1060
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1534027
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1550243
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1557366
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1060.json