The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti prior to 2.9.7, 2.10.x prior to 2.10.8, 2.11.x prior to 2.11.8, 2.12.x prior to 2.12.6, 2.13.x prior to 2.13.3, 2.14.x prior to 2.14.2, and 2.15.x prior to 2.15.2 allows remote malicious users to obtain the DRBD secret via instance information job results.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
spi-inc ganeti 2.15.0 |
||
spi-inc ganeti 2.13.1 |
||
spi-inc ganeti 2.13.2 |
||
spi-inc ganeti 2.12.4 |
||
spi-inc ganeti 2.12.5 |
||
spi-inc ganeti 2.10.0 |
||
spi-inc ganeti 2.10.7 |
||
spi-inc ganeti 2.11.0 |
||
spi-inc ganeti 2.11.5 |
||
spi-inc ganeti 2.11.6 |
||
spi-inc ganeti 2.14.1 |
||
spi-inc ganeti 2.14.0 |
||
spi-inc ganeti 2.13.0 |
||
spi-inc ganeti 2.12.1 |
||
spi-inc ganeti 2.12.0 |
||
spi-inc ganeti 2.10.2 |
||
spi-inc ganeti 2.10.3 |
||
spi-inc ganeti 2.10.4 |
||
spi-inc ganeti 2.11.1 |
||
spi-inc ganeti 2.11.2 |
||
spi-inc ganeti 2.12.2 |
||
spi-inc ganeti 2.12.3 |
||
spi-inc ganeti 2.10.5 |
||
spi-inc ganeti 2.10.6 |
||
spi-inc ganeti 2.11.3 |
||
spi-inc ganeti 2.11.4 |
||
spi-inc ganeti 2.15.1 |
||
spi-inc ganeti 2.10.1 |
||
spi-inc ganeti 2.11.7 |
||
spi-inc ganeti |