The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job results.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-08-18T17:00:00
Updated: 2024-08-06T08:06:31.127Z
Reserved: 2015-10-23T00:00:00
Link: CVE-2015-7945
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-08-18T17:29:01.327
Modified: 2021-09-08T17:07:29.237
Link: CVE-2015-7945
Redhat
No data.