ClusterLabs Pacemaker PCS Daemon Default Password

Critical (Nessus Plugin ID 83266)

Synopsis

The remote host is running a service with known default credentials.

Description

The remote ClusterLabs Pacemaker PCS daemon uses a known set of default credentials. This allows a remote attacker to run arbitrary commands on cluster members.

Note that some package deployment systems, such as Puppet, may be responsible for setting these default credentials.

Solution

Change the password on known default accounts.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1201875

Plugin Details

Severity: Critical

ID: 83266

File Name: pcsd_default_creds.nasl

Version: 1.4

Type: remote

Family: Misc.

Published: 5/7/2015

Updated: 7/24/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:clusterlabs:pacemaker

Required KB Items: installed_sw/PCSD

Excluded KB Items: global_settings/supplied_logins_only

Exploit Ease: No exploit is required

Patch Publication Date: 4/29/2015

Vulnerability Publication Date: 3/13/2015

Reference Information

CVE: CVE-2015-1842

BID: 74049