Lucene search

K

PRIOn knowledge basePRION:CVE-2015-7945

HistoryAug 18, 2017 - 5:29 p.m.

Design/Logic Flaw

2017-08-1817:29:00

PRIOn knowledge base

www.prio-n.com

2

6.8 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.1%

The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job results.

CPENameOperatorVersion
ganetile2.9.6
ganetieq2.11.7
ganetieq2.11.6
ganetieq2.12.0
ganetieq2.12.0 beta1
ganetieq2.12.4
ganetieq2.12.3
ganetieq2.13.0
ganetieq2.12.5
ganetieq2.12.0 rc2

Rows per page:

1-10 of 471

References

docs.ganeti.org/ganeti/2.10/html/news.html

docs.ganeti.org/ganeti/2.11/html/news.html

docs.ganeti.org/ganeti/2.12/html/news.html

docs.ganeti.org/ganeti/2.13/html/news.html

docs.ganeti.org/ganeti/2.14/html/news.html

docs.ganeti.org/ganeti/2.15/html/news.html

docs.ganeti.org/ganeti/2.9/html/news.html

packetstormsecurity.com/files/135101/Ganeti-Leaked-Secret-Denial-Of-Service.html

www.debian.org/security/2016/dsa-3431

www.ocert.org/advisories/ocert-2015-012.html

www.exploit-db.com/exploits/39169/

6.8 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.1%

Related for PRION:CVE-2015-7945

cve1 ubuntucve1 nvd1 cvelist1 debiancve1 nessus1 exploitpack1 packetstorm1 zdt1 openvas2 debian1 exploitdb1