Описание
An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file.
An access flaw was found in heketi, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file.
Дополнительная информация
Статус:
Low
Дефект:
CWE-552
https://bugzilla.redhat.com/show_bug.cgi?id=1510149heketi: Information disclosure through world readable file
5.5 Medium
CVSS3
Связанные уязвимости
CVSS3: 7.8
nvd
около 8 лет назад
An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file.
CVSS3: 7.8
debian
около 8 лет назад
An access flaw was found in Heketi 5, where the heketi.json configurat ...
5.5 Medium
CVSS3