Lucene search
Veracode Vulnerability DatabaseVERACODE:5591HistoryDec 19, 2017 - 5:55 p.m.
Information Disclosure Through Insecure Defaults
2017-12-1917:55:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.001 Low
EPSS
Percentile
25.3%
github.com/heketi/heketi is vulnerable to information disclosure through insecure defaults. The application by default sets the /etc/heketi/heketi.json as world readable, allowing a malicious user to access sensitive information contained in it such as passwords.
Related
cve
cve
CVE-2017-15104
2017-12-18 19:29:00
redhatcve
redhatcve
CVE-2017-15104
2017-12-18 17:16:37
CVE-2017-15103
2017-12-18 17:16:19
osv
osv
Information Exposure in Heketi
2022-02-15 01:57:18
CVE-2017-15104
2017-12-18 19:29:00
prion
prion
Design/Logic Flaw
2017-12-18 19:29:00
cvelist
cvelist
CVE-2017-15104
2017-12-18 19:00:00
nvd
nvd
CVE-2017-15104
2017-12-18 19:29:00
github
github
Information Exposure in Heketi
2022-02-15 01:57:18
fedora
fedora
[SECURITY] Fedora 26 Update: heketi-5.0.1-1.fc26
2018-01-10 22:23:58
[SECURITY] Fedora 27 Update: heketi-5.0.1-1.fc27
2018-01-10 22:39:22
redhat
redhat
(RHSA-2017:3481) Important: heketi security update
2017-12-18 17:14:51
nessus
nessus
RHEL 7 : heketi (RHSA-2017:3481)
2017-12-21 00:00:00
Fedora 26 : heketi (2017-f7cbe22fd8)
2018-01-11 00:00:00
Fedora 27 : heketi (2017-01ad8b3946)
2018-01-15 00:00:00
openvas
openvas
Fedora Update for heketi FEDORA-2017-f7cbe22fd8
2018-01-11 00:00:00
Fedora Update for heketi FEDORA-2017-01ad8b3946
2018-01-11 00:00:00