CyberSec.Space Logo
Back to CVE Browser

CVE-2020-25677

MEDIUM
5.5
CVSS Severity Score
EPSS Score0.1870%
EPSS Percentile14.88th
PublishedDec 8, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information within this file. The highest threat from this vulnerability is to confidentiality.

Affected Platforms (CPE)

📦
Ceph

Ceph Ansible

= 4.0.41
📦
Redhat

Ceph Storage

= 3.0
📦
Redhat

Ceph Storage

= 4.0

References & Advisories

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1892108
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1892108

Related Vulnerabilities

CVE-2020-17168.8

A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords whi...

CVE-2020-696610.0

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ver...

CVE-2020-696110.0

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ve...

CVE-2020-696210.0

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ve...