A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information within this file. The highest threat from this vulnerability is to confidentiality.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2020-12-08T00:02:25

Updated: 2024-08-04T15:40:36.651Z

Reserved: 2020-09-16T00:00:00

Link: CVE-2020-25677

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-12-08T01:15:12.070

Modified: 2021-03-04T18:49:09.047

Link: CVE-2020-25677

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-11-23T00:00:00Z

Links: CVE-2020-25677 - Bugzilla