CVE-2018-16877

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-16877
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16877.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-16877
Downstream
Related
Published
2019-04-18T18:29:00.297Z
Modified
2026-02-16T07:33:26.608771Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.

References

Affected packages

Git / github.com/etcd-io/etcd

Affected ranges

Type
GIT
Repo
https://github.com/etcd-io/etcd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b606078e9312e7dbb461bbbfc50e322471cdb63c

Affected versions

Other
0
v0.*
v0.1.0
v0.1.1
v0.1.2
v0.2.0
v0.2.0-rc0
v0.2.0-rc1
v0.2.0-rc2
v0.2.0-rc3
v0.2.0-rc4
v0.3.0
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.4.6
v0.5.0-alpha.0
v0.5.0-alpha.1
v0.5.0-alpha.2
v0.5.0-alpha.3
v0.5.0-alpha.4
v0.5.0-alpha.5
v2.*
v2.0.0
v2.0.0-rc.1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16877.json"