CyberSec.Space Logo
返回 CVE 浏览器

CVE-2020-1716

HIGH
8.8
CVSS Severity Score
EPSS Score0.0750%
EPSS Percentile21.29th
Published2021年5月28日
Last Modified2024年11月21日

Vulnerability Description

A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords while deploying Ceph services. Any authenticated attacker can abuse this flaw to brute-force Ceph deployments, and gain administrator access to Ceph clusters via the Ceph dashboard to initiate read, write, and delete Ceph clusters and also modify Ceph cluster configurations. Versions before ceph-ansible 6.0.0alpha1 are affected.

Affected Platforms (CPE)

📦
Ceph

Ceph Ansible

<= 5.0.3

References & Advisories

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1795592
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1795592

相关漏洞威胁

CVE-2020-256775.5

A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This ...

CVE-2020-079610.0

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles cer...

CVE-2020-1184410.0

Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Ma...

CVE-2020-1238810.0

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this iss...