CVE-2015-7944
- EPSS 18.96%
- Veröffentlicht 18.08.2017 17:29:01
- Zuletzt bearbeitet 20.04.2025 01:37:25
The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2, when used in SSL mode, allows remo...
CVE-2015-7945
- EPSS 13.55%
- Veröffentlicht 18.08.2017 17:29:01
- Zuletzt bearbeitet 20.04.2025 01:37:25
The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain t...
CVE-2014-5247
- EPSS 0.07%
- Veröffentlicht 29.08.2014 16:55:12
- Zuletzt bearbeitet 12.04.2025 10:46:40
The _UpgradeBeforeConfigurationChange function in lib/client/gnt_cluster.py in Ganeti 2.10.0 before 2.10.7 and 2.11.0 before 2.11.5 uses world-readable permissions for the configuration backup file, which allows local users to obtain SSL keys, remote...