Unrated severityNVD Advisory· Published Jan 8, 2021· Updated Feb 13, 2025
CVE-2020-25678
CVE-2020-25678
Description
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18- ceph/cephdescription
- osv-coords15 versionspkg:rpm/opensuse/ceph&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/ceph&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/ceph-test&distro=openSUSE%20Leap%2015.2pkg:rpm/suse/ceph&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/ceph&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/ceph&distro=SUSE%20Manager%20Proxy%204.0pkg:rpm/suse/ceph&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0pkg:rpm/suse/ceph&distro=SUSE%20Manager%20Server%204.0pkg:rpm/suse/deepsea&distro=SUSE%20Enterprise%20Storage%206
< 15.2.9.83+g4275378de0-lp152.2.12.1+ 14 more
- (no CPE)range: < 15.2.9.83+g4275378de0-lp152.2.12.1
- (no CPE)range: < 16.2.6.463+g22e7612f9ad-1.1
- (no CPE)range: < 15.2.9.83+g4275378de0-lp152.2.12.1
- (no CPE)range: < 14.2.20.402+g6aa76c6815-3.60.1
- (no CPE)range: < 15.2.9.83+g4275378de0-3.17.1
- (no CPE)range: < 14.2.20.402+g6aa76c6815-3.60.1
- (no CPE)range: < 14.2.20.402+g6aa76c6815-3.60.1
- (no CPE)range: < 15.2.9.83+g4275378de0-3.17.1
- (no CPE)range: < 14.2.20.402+g6aa76c6815-3.60.1
- (no CPE)range: < 14.2.20.402+g6aa76c6815-3.60.1
- (no CPE)range: < 14.2.20.402+g6aa76c6815-3.60.1
- (no CPE)range: < 14.2.20.402+g6aa76c6815-3.60.1
- (no CPE)range: < 14.2.20.402+g6aa76c6815-3.60.1
- (no CPE)range: < 14.2.20.402+g6aa76c6815-3.60.1
- (no CPE)range: < 0.9.35+git.0.5a1dc9fe-3.34.1
Patches
Vulnerability mechanics
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OQTBKVXVYP7GPQNZ5VASOIJHMLK7727M/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202105-39mitrevendor-advisoryx_refsource_GENTOO
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- tracker.ceph.com/issues/37503mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2023/10/msg00034.htmlmitre
News mentions
0No linked articles in our index yet.