PT-2015-6793 · Pcs+2

Adam Mariš +1 · Published 2015-09-01 · Updated 2023-02-13 · CVE-2015-5189

CVSS v2.0: 4.9 (Medium)

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions: PCS versions 0.9.139 and earlier

Description: A race condition exists in the pcsd web UI backend, allowing remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated. This issue can be exploited to send a request that would be evaluated as originating from a different user, potentially allowing the attacker to perform actions with permissions of a more privileged user.

Recommendations: For PCS versions 0.9.139 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Weakness Enumeration

Related Identifiers

CESA-2015_1700
CVE-2015-5189
RHSA-2015:1700
RHSA-2015_1700

Affected Products

CentOS
Pcs
Red Hat