Wind River Support Network

HomeDefectsLIN1021-258
Fixed

LIN1021-258 : Security Advisory - ceph - CVE-2020-25678

Created: May 24, 2021    Updated: Sep 27, 2022
Resolved Date: Jul 13, 2021
Found In Version: 10.21.20.1
Fix Version: 10.21.20.2
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible.

CREATE(Triage):(User=admin) CVE-2020-25678 (https://nvd.nist.gov/vuln/detail/CVE-2020-25678)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube