CVE-2020-25678

A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible.
Configurations

Configuration 1

cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Information

Published : 2021-01-08 06:15

Updated : 2023-02-12 11:40


NVD link : CVE-2020-25678

Mitre link : CVE-2020-25678

Products Affected
No products.
CWE
CWE-312

Cleartext Storage of Sensitive Information