Описание
rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage Console Node 2 x86_64 allows local users to obtain the password as cleartext.
A flaw was found in the way authentication details were passed between rhscon-ceph and rhscon-core. An authenticated, local attacker could use this flaw to recover the cleartext password.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-214
https://bugzilla.redhat.com/show_bug.cgi?id=1381681rhscon-ceph: password leak by command line parameter
4.8 Medium
CVSS3
4.3 Medium
CVSS2
Связанные уязвимости
CVSS3: 7.8
nvd
больше 8 лет назад
rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage Console Node 2 x86_64 allows local users to obtain the password as cleartext.
CVSS3: 7.8
github
больше 3 лет назад
rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage Console Node 2 x86_64 allows local users to obtain the password as cleartext.
4.8 Medium
CVSS3
4.3 Medium
CVSS2