Wind River Support Network

HomeDefectsLIN1019-5883
Fixed

LIN1019-5883 : Security Advisory - ceph - CVE-2020-25678

Created: Jan 10, 2021    Updated: May 20, 2021
Resolved Date: Mar 2, 2021
Found In Version: 10.19.45.1
Fix Version: 10.19.45.16
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

 A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible.

CREATE(Triage):(User=admin) [CVE-2020-25678|https://nvd.nist.gov/vuln/detail/CVE-2020-25678]

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube