VDB
DEBIAN-CVE-2020-25678
DEBIAN-CVE-2020-25678
PUBLISHED
CVSS 4.400000095367432 MEDIUM
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible.
Risk Scores
CVSS v3.1
4.400000095367432
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | ceph | 0, 0, 0 |
| Debian:13 | ceph | 0, 0, 0 |
| Debian:14 | ceph | 0, 0, 0 |
| Debian:11 | ceph | 0, 0, 0 |
Timeline
- Jan 8, 2021 CVE Published
- Apr 28, 2026 CVE Updated