The admin command in ceph-deploy prior to 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ceph ceph-deploy |