N/A

In fence-agents before 4.0.17 does not verify remote SSL certificates in the fence_cisco_ucs.py script which can potentially allow for man-in-the-middle attackers to spoof SSL servers via arbitrary SSL certificates.

N/A

N/A

fence-agents 信任管理问题漏洞

fence-agents是一款支持集群设备远程电源管理的代理程序。 fence-agents 4.0.17之前版本中存在安全漏洞。攻击者可借助任意的SSL证书利用该漏洞伪造SSL服务器。

N/A

N/A