A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2021-01-08T17:59:34

Updated: 2024-08-04T15:40:36.768Z

Reserved: 2020-09-16T00:00:00

Link: CVE-2020-25678

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-01-08T18:15:13.293

Modified: 2024-11-21T05:18:26.617

Link: CVE-2020-25678

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-11-23T00:00:00Z

Links: CVE-2020-25678 - Bugzilla