CVE-2015-3010 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	2.1 UNKNOWN	LOCAL	LOW		AV:L/AC:L/Au:N/C:P/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 14%

Vendor	Product	Version
ceph	ceph-deploy	1.5.22

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

ceph-deploy

disco	not-affected
cosmic	not-affected
bionic	not-affected
artful	ignored
zesty	ignored
yakkety	ignored
xenial	not-affected
wily	ignored
vivid	ignored
utopic	ignored
trusty	dne
precise	dne
lucid	dne

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155576.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155631.html

http://rhn.redhat.com/errata/RHSA-2015-1092.html

http://www.openwall.com/lists/oss-security/2015/04/09/11

http://www.openwall.com/lists/oss-security/2015/04/09/9

http://www.securityfocus.com/bid/74043

https://bugzilla.suse.com/show_bug.cgi?id=920926

https://github.com/ceph/ceph-deploy/commit/eee56770393bf19ed2dd5389226c6190c08dee3f

https://github.com/ceph/ceph-deploy/pull/272

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155576.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155631.html

http://rhn.redhat.com/errata/RHSA-2015-1092.html

http://www.openwall.com/lists/oss-security/2015/04/09/11

http://www.openwall.com/lists/oss-security/2015/04/09/9

http://www.securityfocus.com/bid/74043

https://bugzilla.suse.com/show_bug.cgi?id=920926

https://github.com/ceph/ceph-deploy/commit/eee56770393bf19ed2dd5389226c6190c08dee3f

https://github.com/ceph/ceph-deploy/pull/272