Description
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
Scores
CVSS v3: 8.8
EPSS: 0.0044
EPSS Percentile: 63.5%
Attack Vector: ADJACENT_NETWORK (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-668
Status: published
Products (13)
Red Hat/Red Hat Enterprise Linux 10
Red Hat/Red Hat Enterprise Linux 6
Red Hat/Red Hat Enterprise Linux 7
Red Hat/Red Hat Enterprise Linux 8 (0:5.3.7-20.el8_10)
Red Hat/Red Hat Enterprise Linux 8.2 Advanced Update Support (0:5.0.2-8.el8_2)
Red Hat/Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support (0:5.2.5-7.el8_4)
Red Hat/Red Hat Enterprise Linux 8.4 Telecommunications Update Service (0:5.2.5-7.el8_4)
Red Hat/Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions (0:5.2.5-7.el8_4)
Red Hat/Red Hat Enterprise Linux 8.6 Extended Update Support (0:5.3.5-9.el8_6)
Red Hat/Red Hat Enterprise Linux 8.8 Extended Update Support (0:5.3.7-18.el8_8)
... and 3 more
Published: Mar 28, 2024
Tracked Since: Feb 18, 2026