VYPR

Ceph Ansible

by Ceph

Source repositories

CVEs (2)

  • CVE-2020-1716May 28, 2021
    risk 0.00cvss epss 0.01

    A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords while deploying Ceph services. Any authenticated attacker can abuse this flaw to brute-force Ceph deployments, and gain administrator access to Ceph…

  • CVE-2020-25677Dec 8, 2020
    risk 0.00cvss epss 0.00

    A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information within this file. The highest threat from this vulnerability is to confidentiality.