Storage Console

storage_console

Vendor: Redhat • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-7481 3Canonical DebianRedhat 9Ansible Engine Debian LinuxGluster Storage+6 more Nov 21, 2024 Jul 19, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2...Show more Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.Show less
CVE-2017-2665 2Mongodb Redhat 2Mongodb Storage Console Nov 21, 2024 Jul 6, 2018 N/A· v4 7.0 HIGH· v3 1.9 LOW· v2 The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has...Show more The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has access to system running skyring service will be able to get password in plain text.Show less
CVE-2016-7062 1Redhat 2Storage Console Storage Console Node May 13, 2026 Jun 27, 2017 N/A· v4 7.8 HIGH· v3 2.1 LOW· v2 rhscon-ceph in Red Hat Storage Console 2 x86_64 and Red Hat Storage Console Node 2 x86_64 allows local users to obtain the password as cleartext.