Vulnerabilities > Redhat > Ceph Storage > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-08 | CVE-2020-25677 | Cleartext Storage of Sensitive Information vulnerability in multiple products A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. | 2.1 |
| 2019-01-15 | CVE-2018-14662 | Improper Authorization vulnerability in multiple products It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption. | 2.7 |
| 2018-07-10 | CVE-2018-1129 | Improper Authentication vulnerability in multiple products A flaw was found in the way signature calculation was handled by cephx authentication protocol. | 3.3 |
| 2018-04-24 | CVE-2018-1059 | Information Exposure vulnerability in multiple products The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. | 2.9 |