CyberSec.Space Logo
返回 CVE 浏览器

CVE-2020-25677

MEDIUM
5.5
CVSS Severity Score
EPSS Score0.1870%
EPSS Percentile14.88th
Published2020年12月8日
Last Modified2024年11月21日

Vulnerability Description

A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information within this file. The highest threat from this vulnerability is to confidentiality.

Affected Platforms (CPE)

📦
Ceph

Ceph Ansible

= 4.0.41
📦
Redhat

Ceph Storage

= 3.0
📦
Redhat

Ceph Storage

= 4.0

References & Advisories

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1892108
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1892108

相关漏洞威胁

CVE-2020-17168.8

A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords whi...

CVE-2020-161410.0

A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, wh...

CVE-2020-1249310.0

An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device wi...

CVE-2020-135010.0

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka...