Clusterlabs Hawk
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Clusterlabs Hawk.
By the Year
In 2026 there have been 0 vulnerabilities in Clusterlabs Hawk. Hawk did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 8.80 |
It may take a day or so for new Hawk vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Clusterlabs Hawk Security Vulnerabilities
ClusterLabs Hawk 2.3.0-15 Setuid Binary Root Escalation
CVE-2021-3020
8.8 - High
- August 26, 2022
An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to limit this to safe combinations). This user is able to execute an interactive "shell" that isn't limited to the commands specified in hawk_invoke, allowing escalation to root.
Improper Privilege Management
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Clusterlabs Hawk or by Clusterlabs? Click the Watch button to subscribe.
