OESA-2024-1436
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1436
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2024-1436.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2024-1436
- Upstream
- Published
- 2024-04-12T11:07:42Z
- Modified
- 2025-09-03T06:20:13.458598Z
- Summary
- pcp security update
- Details
-
PCP provides a range of services that may be used to monitor and manage system performance. These services are distributed and scalable to accommodate the most complex system configurations and performance problems.
Security Fix(es):
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.(CVE-2024-3019)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:22.03-LTS / pcp
Package
- Name
- pcp
- Purl
- pkg:rpm/openEuler/pcp&distro=openEuler-22.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.5-9.oe2203
Ecosystem specific
{
"x86_64": [
"pcp-pmda-gpsd-5.3.5-9.oe2203.x86_64.rpm",
"python3-pcp-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-shping-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-openvswitch-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-cifs-5.3.5-9.oe2203.x86_64.rpm",
"pcp-export-pcp2zabbix-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-gfs2-5.3.5-9.oe2203.x86_64.rpm",
"pcp-debugsource-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-weblog-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-samba-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-dbping-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-podman-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-summary-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-gpfs-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-pdns-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-netfilter-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-sockets-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-rsyslog-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-ds389log-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-slurm-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-oracle-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-postgresql-5.3.5-9.oe2203.x86_64.rpm",
"pcp-selinux-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-gluster-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-mongodb-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-nginx-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-bonding-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-hacluster-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-openmetrics-5.3.5-9.oe2203.x86_64.rpm",
"perl-PCP-MMV-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-rabbitmq-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-haproxy-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-mic-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-lio-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-libvirt-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-lmsensors-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-apache-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-zimbra-5.3.5-9.oe2203.x86_64.rpm",
"pcp-conf-5.3.5-9.oe2203.x86_64.rpm",
"pcp-export-pcp2influxdb-5.3.5-9.oe2203.x86_64.rpm",
"perl-PCP-LogSummary-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-logger-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-elasticsearch-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-bpftrace-5.3.5-9.oe2203.x86_64.rpm",
"pcp-5.3.5-9.oe2203.x86_64.rpm",
"pcp-export-pcp2xml-5.3.5-9.oe2203.x86_64.rpm",
"pcp-import-ganglia2pcp-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-perfevent-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-mounts-5.3.5-9.oe2203.x86_64.rpm",
"pcp-zeroconf-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-named-5.3.5-9.oe2203.x86_64.rpm",
"pcp-export-pcp2json-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-news-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-lustre-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-denki-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-bcc-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-trace-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-sendmail-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-infiniband-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-snmp-5.3.5-9.oe2203.x86_64.rpm",
"pcp-gui-5.3.5-9.oe2203.x86_64.rpm",
"pcp-debuginfo-5.3.5-9.oe2203.x86_64.rpm",
"pcp-import-collectl2pcp-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-bind2-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-bpf-5.3.5-9.oe2203.x86_64.rpm",
"pcp-import-mrtg2pcp-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-mysql-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-systemd-5.3.5-9.oe2203.x86_64.rpm",
"perl-PCP-LogImport-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-roomtemp-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-unbound-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-cisco-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-docker-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-json-5.3.5-9.oe2203.x86_64.rpm",
"pcp-import-iostat2pcp-5.3.5-9.oe2203.x86_64.rpm",
"pcp-export-pcp2spark-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-lustrecomm-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-netcheck-5.3.5-9.oe2203.x86_64.rpm",
"pcp-import-sar2pcp-5.3.5-9.oe2203.x86_64.rpm",
"perl-PCP-PMDA-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-activemq-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-bash-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-smart-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-mssql-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-postfix-5.3.5-9.oe2203.x86_64.rpm",
"pcp-export-pcp2graphite-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-mailq-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-memcache-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-nfsclient-5.3.5-9.oe2203.x86_64.rpm",
"pcp-export-pcp2elasticsearch-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-nvidia-gpu-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-redis-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-ds389-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-nutcracker-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-zswap-5.3.5-9.oe2203.x86_64.rpm",
"pcp-system-tools-5.3.5-9.oe2203.x86_64.rpm",
"pcp-export-zabbix-agent-5.3.5-9.oe2203.x86_64.rpm",
"pcp-devel-5.3.5-9.oe2203.x86_64.rpm",
"pcp-pmda-dm-5.3.5-9.oe2203.x86_64.rpm"
],
"aarch64": [
"pcp-pmda-ds389log-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-rabbitmq-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-sendmail-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-oracle-5.3.5-9.oe2203.aarch64.rpm",
"pcp-5.3.5-9.oe2203.aarch64.rpm",
"pcp-debugsource-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-samba-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-json-5.3.5-9.oe2203.aarch64.rpm",
"pcp-export-pcp2graphite-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-zimbra-5.3.5-9.oe2203.aarch64.rpm",
"pcp-zeroconf-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-named-5.3.5-9.oe2203.aarch64.rpm",
"python3-pcp-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-dbping-5.3.5-9.oe2203.aarch64.rpm",
"pcp-debuginfo-5.3.5-9.oe2203.aarch64.rpm",
"pcp-selinux-5.3.5-9.oe2203.aarch64.rpm",
"perl-PCP-LogImport-5.3.5-9.oe2203.aarch64.rpm",
"pcp-export-pcp2elasticsearch-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-lio-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-gluster-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-roomtemp-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-postgresql-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-lmsensors-5.3.5-9.oe2203.aarch64.rpm",
"pcp-system-tools-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-logger-5.3.5-9.oe2203.aarch64.rpm",
"pcp-export-pcp2zabbix-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-netcheck-5.3.5-9.oe2203.aarch64.rpm",
"pcp-export-pcp2json-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-lustrecomm-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-gpfs-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-smart-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-hacluster-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-weblog-5.3.5-9.oe2203.aarch64.rpm",
"pcp-import-ganglia2pcp-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-mongodb-5.3.5-9.oe2203.aarch64.rpm",
"perl-PCP-PMDA-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-elasticsearch-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-gpsd-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-memcache-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-lustre-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-mailq-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-openvswitch-5.3.5-9.oe2203.aarch64.rpm",
"pcp-export-pcp2xml-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-nfsclient-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-bpf-5.3.5-9.oe2203.aarch64.rpm",
"pcp-import-iostat2pcp-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-apache-5.3.5-9.oe2203.aarch64.rpm",
"perl-PCP-LogSummary-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-postfix-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-netfilter-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-mounts-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-nvidia-gpu-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-redis-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-denki-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-dm-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-snmp-5.3.5-9.oe2203.aarch64.rpm",
"pcp-export-pcp2influxdb-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-mic-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-perfevent-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-haproxy-5.3.5-9.oe2203.aarch64.rpm",
"pcp-export-zabbix-agent-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-bind2-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-trace-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-slurm-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-rsyslog-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-libvirt-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-nutcracker-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-systemd-5.3.5-9.oe2203.aarch64.rpm",
"pcp-import-collectl2pcp-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-gfs2-5.3.5-9.oe2203.aarch64.rpm",
"pcp-gui-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-shping-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-bonding-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-ds389-5.3.5-9.oe2203.aarch64.rpm",
"pcp-import-sar2pcp-5.3.5-9.oe2203.aarch64.rpm",
"perl-PCP-MMV-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-openmetrics-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-cisco-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-news-5.3.5-9.oe2203.aarch64.rpm",
"pcp-import-mrtg2pcp-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-cifs-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-infiniband-5.3.5-9.oe2203.aarch64.rpm",
"pcp-devel-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-podman-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-summary-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-pdns-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-sockets-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-activemq-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-nginx-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-docker-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-mysql-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-unbound-5.3.5-9.oe2203.aarch64.rpm",
"pcp-conf-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-bash-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-zswap-5.3.5-9.oe2203.aarch64.rpm",
"pcp-export-pcp2spark-5.3.5-9.oe2203.aarch64.rpm",
"pcp-pmda-bpftrace-5.3.5-9.oe2203.aarch64.rpm"
],
"noarch": [
"pcp-help-5.3.5-9.oe2203.noarch.rpm"
],
"src": [
"pcp-5.3.5-9.oe2203.src.rpm"
]
}