Lucene search
HistoryJun 08, 2015 - 2:59 p.m.
CVE-2015-4053
cve-2015-4053
ceph-deploy
sensitive information disclosure
local users
nvd
5.8 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.
Affected configurations
Node
cephceph-deployRange≤1.5.22
| CPE | Name | Operator | Version |
|---|---|---|---|
| ceph:ceph-deploy | ceph ceph-deploy | le | 1.5.22 |
Related
ubuntucve
ubuntucve
CVE-2015-4053
2015-06-08 00:00:00
prion
prion
Command injection
2015-06-08 14:59:00
osv
osv
PYSEC-2015-3
2015-06-08 14:59:00
nvd
nvd
CVE-2015-4053
2015-06-08 14:59:14
cvelist
cvelist
CVE-2015-4053
2015-06-08 14:00:00
github
github
ceph-deploy uses world-readable permissions on client.admin key
2022-05-17 04:12:25
redhat
redhat
(RHSA-2015:1631) Moderate: ceph-deploy security update
2015-08-17 07:23:49
(RHSA-2015:1092) Moderate: ceph-deploy security update
2015-06-11 15:49:16
(RHSA-2015:1579) Moderate: ceph-deploy security update
2015-08-07 00:52:39
nessus
nessus
RHEL 6 / 7 : ceph-deploy (RHSA-2015:1092)
2015-06-15 00:00:00
5.8 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2015-4053