VDB
CVE-2023-2319
CVE-2023-2319
PUBLISHED
CVSS 9.800000190734863 CRITICAL
It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. The CVE-2023-2319 was assigned to that Red Hat specific security regression in Red Hat Enterprise Linux 9.2.
EPSS 0.39% · 60.1th percentile
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.39%
60.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| redhat | enterprise_linux_high_availability_eus | 9.2, 9.2, 9.2 |
| redhat | enterprise_linux_high_availability | 9.0, 9.0, 9.0 |
| n/a | pcs | Affects pcs v0.11.4-6.el9, Fixed in pcs v0.11.4-7.el9_2, Affects pcs v0.11.4-6.el9, Fixed in pcs v0.11.4-7.el9_2 |
| clusterlabs | pcs | 0.11.4-6.el9, 0.11.4-6.el9, 0.11.4-6.el9 |
Exploit Intelligence
Timeline
- May 17, 2023 CVE Published
- May 18, 2023 EPSS Score
- Jun 23, 2023 EPSS Score
- Jul 30, 2023 EPSS Score
- Sep 4, 2023 EPSS Score
- Oct 11, 2023 EPSS Score
- Nov 16, 2023 EPSS Score
- Dec 23, 2023 EPSS Score
- Jan 28, 2024 EPSS Score
- Mar 5, 2024 EPSS Score
- Apr 10, 2024 EPSS Score
- May 17, 2024 EPSS Score