vulnerability
CentOS Linux: CVE-2020-25678: Important: Red Hat Ceph Storage security, bug fix, and enhancement Update (CESA-2021:1452)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Jan 8, 2021 | Jun 1, 2021 | May 25, 2023 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Jan 8, 2021
Added
Jun 1, 2021
Modified
May 25, 2023
Description
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible.
Solutions
centos-upgrade-ceph-ansiblecentos-upgrade-ceph-basecentos-upgrade-ceph-base-debuginfocentos-upgrade-ceph-commoncentos-upgrade-ceph-common-debuginfocentos-upgrade-ceph-debuginfocentos-upgrade-ceph-debugsourcecentos-upgrade-ceph-fusecentos-upgrade-ceph-fuse-debuginfocentos-upgrade-ceph-grafana-dashboardscentos-upgrade-ceph-mdscentos-upgrade-ceph-mds-debuginfocentos-upgrade-ceph-mgr-debuginfocentos-upgrade-ceph-mon-debuginfocentos-upgrade-ceph-osd-debuginfocentos-upgrade-ceph-radosgwcentos-upgrade-ceph-radosgw-debuginfocentos-upgrade-ceph-selinuxcentos-upgrade-ceph-test-debuginfocentos-upgrade-gperftools-debugsourcecentos-upgrade-gperftools-libscentos-upgrade-gperftools-libs-debuginfocentos-upgrade-libcephfs-develcentos-upgrade-libcephfs2centos-upgrade-libcephfs2-debuginfocentos-upgrade-librados-develcentos-upgrade-librados-devel-debuginfocentos-upgrade-libradospp-develcentos-upgrade-libradosstriper1centos-upgrade-libradosstriper1-debuginfocentos-upgrade-librbd-develcentos-upgrade-librgw-develcentos-upgrade-librgw2centos-upgrade-librgw2-debuginfocentos-upgrade-libtcmucentos-upgrade-python-ceph-argparsecentos-upgrade-python-cephfscentos-upgrade-python-rgwcentos-upgrade-python3-ceph-argparsecentos-upgrade-python3-cephfscentos-upgrade-python3-cephfs-debuginfocentos-upgrade-python3-radoscentos-upgrade-python3-rados-debuginfocentos-upgrade-python3-rbdcentos-upgrade-python3-rbd-debuginfocentos-upgrade-python3-rgwcentos-upgrade-python3-rgw-debuginfocentos-upgrade-rbd-fuse-debuginfocentos-upgrade-rbd-mirrorcentos-upgrade-rbd-mirror-debuginfocentos-upgrade-rbd-nbdcentos-upgrade-rbd-nbd-debuginfocentos-upgrade-tcmu-runner
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.