CVE-2018-1079

Name of the Vulnerable Software and Affected Versions pcs versions prior to 0.9.164 pcs version 0.10

Description The issue allows for privilege escalation via an authorized user making a malicious REST call. The REST interface of the pcsd service fails to properly sanitize the file name from the "/remote/put file" query. If the "/etc/booth" directory exists, an authenticated attacker with write permissions could create or overwrite arbitrary files with arbitrary data outside of the "/etc/booth" directory, in the context of the pcsd process.

Recommendations For pcs versions prior to 0.9.164, update to version 0.9.164 or later to resolve the issue. For pcs version 0.10, update to a version later than 0.10 to resolve the issue. As a temporary workaround, consider restricting access to the "/remote/put file" query in the pcsd service REST interface until a patch is available.