Oval Definition:oval:org.opensuse.security:def:202025677
Revision Date:2022-09-02Version:1
Title:CVE-2020-25677
Description:

A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information within this file. The highest threat from this vulnerability is to confidentiality.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2020-25677
SUSE CVE-2020-25677
Platform(s):SUSE CaaS Platform 4.0
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND ceph is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • ceph-common is not affected
  • OR libcephfs2 is not affected
  • OR librados2 is not affected
  • OR libradosstriper1 is not affected
  • OR librbd1 is not affected
  • OR librgw2 is not affected
  • OR python-cephfs is not affected
  • OR python-rados is not affected
  • OR python-rbd is not affected
  • OR python-rgw is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • ceph-common is not affected
  • OR libcephfs-devel is not affected
  • OR libcephfs2 is not affected
  • OR librados-devel is not affected
  • OR librados2 is not affected
  • OR libradosstriper-devel is not affected
  • OR libradosstriper1 is not affected
  • OR librbd-devel is not affected
  • OR librbd1 is not affected
  • OR librgw-devel is not affected
  • OR librgw2 is not affected
  • OR python3-cephfs is not affected
  • OR python3-rados is not affected
  • OR python3-rbd is not affected
  • OR python3-rgw is not affected
  • OR rados-objclass-devel is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND ceph is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • ceph-common is not affected
  • OR libcephfs2 is not affected
  • OR librados2 is not affected
  • OR libradosstriper1 is not affected
  • OR librbd1 is not affected
  • OR librgw2 is not affected
  • OR python-cephfs is not affected
  • OR python-rados is not affected
  • OR python-rbd is not affected
  • OR python-rgw is not affected
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND ceph is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ceph-common is not affected
  • OR libcephfs2 is not affected
  • OR librados2 is not affected
  • OR libradosstriper1 is not affected
  • OR librbd1 is not affected
  • OR librgw2 is not affected
  • OR python-cephfs is not affected
  • OR python-rados is not affected
  • OR python-rbd is not affected
  • OR python-rgw is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ceph-common is not affected
  • OR libcephfs2 is not affected
  • OR librados2 is not affected
  • OR libradosstriper1 is not affected
  • OR librbd1 is not affected
  • OR librgw2 is not affected
  • OR python-cephfs is not affected
  • OR python-rados is not affected
  • OR python-rbd is not affected
  • OR python-rgw is not affected
    • Definition Synopsis
  • Release Information
  • SUSE CaaS Platform 4.0 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • ceph-common is affected
  • OR libcephfs-devel is affected
  • OR libcephfs2 is affected
  • OR librados-devel is affected
  • OR librados2 is affected
  • OR libradospp-devel is affected
  • OR librbd-devel is affected
  • OR librbd1 is affected
  • OR librgw-devel is affected
  • OR librgw2 is affected
  • OR python3-ceph-argparse is affected
  • OR python3-cephfs is affected
  • OR python3-rados is affected
  • OR python3-rbd is affected
  • OR python3-rgw is affected
  • OR rados-objclass-devel is affected
    • Definition Synopsis
  • Release Information
  • SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Server 4.0 is installed
  • AND ceph is affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND
  • ceph-common is affected
  • OR libcephfs-devel is affected
  • OR libcephfs2 is affected
  • OR librados-devel is affected
  • OR librados2 is affected
  • OR libradospp-devel is affected
  • OR librbd-devel is affected
  • OR librbd1 is affected
  • OR librgw-devel is affected
  • OR librgw2 is affected
  • OR python3-ceph-argparse is affected
  • OR python3-cephfs is affected
  • OR python3-rados is affected
  • OR python3-rbd is affected
  • OR python3-rgw is affected
  • OR rados-objclass-devel is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND ceph is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • ceph-common is not affected
  • OR libcephfs2 is not affected
  • OR librados2 is not affected
  • OR libradosstriper1 is not affected
  • OR librbd1 is not affected
  • OR librgw2 is not affected
  • OR python-cephfs is not affected
  • OR python-rados is not affected
  • OR python-rbd is not affected
  • OR python-rgw is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND Package Information
  • ceph-common is not affected
  • OR libcephfs2 is not affected
  • OR librados2 is not affected
  • OR libradosstriper1 is not affected
  • OR librbd1 is not affected
  • OR librgw2 is not affected
  • OR python-cephfs is not affected
  • OR python-rados is not affected
  • OR python-rbd is not affected
  • OR python-rgw is not affected
    • BACK