{"api_version":"1","generated_at":"2026-04-23T05:14:04+00:00","cve":"CVE-2013-0281","urls":{"html":"https://cve.report/CVE-2013-0281","api":"https://cve.report/api/cve/CVE-2013-0281.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2013-0281","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2013-0281"},"summary":{"title":"CVE-2013-0281","description":"Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking).","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2013-11-23 11:55:00","updated_at":"2019-04-22 17:48:00"},"problem_types":["CWE-399"],"metrics":[],"references":[{"url":"https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93","name":"https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93","refsource":"CONFIRM","tags":["Exploit","Patch"],"title":"High: core: Internal tls api improvements for reuse with future LRMD … · ClusterLabs/pacemaker@564f7cc · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://rhn.redhat.com/errata/RHSA-2013-1635.html","name":"RHSA-2013:1635","refsource":"REDHAT","tags":["Vendor Advisory"],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=891922","name":"https://bugzilla.redhat.com/show_bug.cgi?id=891922","refsource":"CONFIRM","tags":[],"title":"Bug 891922 – CVE-2013-0281 pacemaker: remote DoS when CIB management is enabled caused by use of blocking sockets","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2013-0281","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0281","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2013","cve_id":"281","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"clusterlabs","cpe5":"pacemaker","cpe6":"1.1.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"281","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"clusterlabs","cpe5":"pacemaker","cpe6":"1.1.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"281","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"281","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2013-0281","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking)."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_affected":"=","version_value":"n/a"}]}}]}}]}},"references":{"reference_data":[{"url":"http://rhn.redhat.com/errata/RHSA-2013-1635.html","refsource":"MISC","name":"http://rhn.redhat.com/errata/RHSA-2013-1635.html"},{"url":"https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93","refsource":"MISC","name":"https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=891922","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=891922"}]}},"nvd":{"publishedDate":"2013-11-23 11:55:00","lastModifiedDate":"2019-04-22 17:48:00","problem_types":["CWE-399"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":4.3},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:clusterlabs:pacemaker:1.1.10:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2013","CveId":"281","Ordinal":"59425","Title":"CVE-2013-0281","CVE":"CVE-2013-0281","Year":"2013"},"notes":[{"CveYear":"2013","CveId":"281","Ordinal":"1","NoteData":"Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is enabled, does not limit the duration of connections to the blocking sockets, which allows remote attackers to cause a denial of service (connection blocking).","Type":"Description","Title":null},{"CveYear":"2013","CveId":"281","Ordinal":"2","NoteData":"2013-11-23","Type":"Other","Title":"Published"},{"CveYear":"2013","CveId":"281","Ordinal":"3","NoteData":"2013-11-23","Type":"Other","Title":"Modified"}]}}}