Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spi-inc ganeti 2.10.6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5247
The _UpgradeBeforeConfigurationChange function in lib/client/gnt_cluster.py in Ganeti 2.10.0 prior to 2.10.7 and 2.11.0 prior to 2.11.5 uses world-readable permissions for the configuration backup file, which allows local users to obtain SSL keys, remote API credentials, and othe...