VDB
DEBIAN-CVE-2022-1049
DEBIAN-CVE-2022-1049
PUBLISHED
CVSS 8.800000190734863 HIGH
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | pcs | 0, 0, 0 |
| Debian:13 | pcs | 0, 0, 0 |
| Debian:14 | pcs | 0, 0, 0 |
| Debian:11 | pcs | 0.10.8-1, 0, 0.10.8-1 |
Timeline
- Mar 25, 2022 CVE Published
- Apr 28, 2026 CVE Updated