CVE-2013-0281
Summary
| CVE | CVE-2013-0281 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2013-11-23 11:55:04 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking). |
Risk And Classification
Primary CVSS: v2.0 4.3 from [email protected]
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS: 0.006690000 probability, percentile 0.714090000 (date 2026-04-29)
Problem Types: CWE-399 | n/a
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
NoneConfidentiality
NoneIntegrity
NoneAvailability
PartialAV:N/AC:M/Au:N/C:N/I:N/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Clusterlabs | Pacemaker | 1.1.10 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| High: core: Internal tls api improvements for reuse with future LRMD … · ClusterLabs/pacemaker@564f7cc · GitHub | af854a3a-2127-422b-91ae-364da2661108 | github.com | Exploit, Patch |
| Bug 891922 – CVE-2013-0281 pacemaker: remote DoS when CIB management is enabled caused by use of blocking sockets | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.redhat.com | |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | rhn.redhat.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.