Lucene search

K

MitreCVELIST:CVE-2015-7945

HistoryAug 18, 2017 - 5:00 p.m.

CVE-2015-7945

2017-08-1817:00:00

mitre

www.cve.org

7.3 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.1%

The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job results.

References

docs.ganeti.org/ganeti/2.10/html/news.html#version-2-10-8

docs.ganeti.org/ganeti/2.11/html/news.html#version-2-11-8

docs.ganeti.org/ganeti/2.12/html/news.html#version-2-12.6

docs.ganeti.org/ganeti/2.13/html/news.html#version-2-13-3

docs.ganeti.org/ganeti/2.14/html/news.html#version-2-14-2

docs.ganeti.org/ganeti/2.15/html/news.html#version-2-15-2

docs.ganeti.org/ganeti/2.9/html/news.html#version-2-9-7

packetstormsecurity.com/files/135101/Ganeti-Leaked-Secret-Denial-Of-Service.html

www.debian.org/security/2016/dsa-3431

www.ocert.org/advisories/ocert-2015-012.html

www.exploit-db.com/exploits/39169/

7.3 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.1%

Related for CVELIST:CVE-2015-7945

cve1 ubuntucve1 nvd1 prion1 debiancve1 nessus1 exploitpack1 packetstorm1 zdt1 openvas2 debian1 exploitdb1