Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable.
CVSS Information
N/A
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
debug 日志信息泄露漏洞
Vulnerability Description
Red Hat Ceph是美国红帽(Red Hat)公司的一套Linux PB级分布式文件系统。该系统的主要目标是设计成基于POSIX(可移植操作系统接口)的没有单点故障的分布式文件系统,使数据能容错和无缝的复制。 Ceph v13.2.4之前的版本存在日志信息泄露漏洞。该漏洞源于未正确清理调试日志记录中的加密密钥,这导致日志文件中的加密密钥信息通过明文泄露。
CVSS Information
N/A
Vulnerability Type
N/A