An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/heketi/heketi | lt | 5.0.1 |