6 matches found
openstack-tripleo-heat-templates: Ceph client keyring is world-readable when deployed by director
A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack...
openstack-tripleo-heat-templates: Ceph client keyring is world-readable when deployed by director
A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack...
openstack-tripleo-heat-templates: Ceph client keyring is world-readable when deployed by director
A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack...
openstack-tripleo-heat-templates package information disclosure vulnerability
The openstack-triple-heat-templates package is a set of generic template packages that support installation, upgrades, and other operations on the Openstack platform using the Openstack Cloud Facility. A security vulnerability exists in the openstack-tripleo-heat-templates package that stems from...
UBUNTU-CVE-2017-12155
A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack...
ceph-deploy admin command copies keyring file to /etc/ceph which is world readable
It was discovered that ceph-deploy, a utility for deploying Red Hat Ceph Storage, would create the keyring file with world readable permissions, which could possibly allow a local user to obtain authentication credentials from the keyring file...