Wind River Support Network

HomeDefectsLIN10-8109
Fixed

LIN10-8109 : Security Advisory - ceph - CVE-2020-25678

Created: Jan 10, 2021    Updated: Apr 1, 2021
Resolved Date: Apr 1, 2021
Found In Version: 10.17.41.1
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible.

CREATE(Triage):(User=admin) [CVE-2020-25678|https://nvd.nist.gov/vuln/detail/CVE-2020-25678]

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube