Bug 2184449 (CVE-2020-21514)
| Summary: | CVE-2020-21514 fluentd: Default admin credentials not required to change after installation | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | dfreiber, eglynn, jbadiapa, jburrell, jjoyce, lars, lhh, mburns, mgarciac, michal.skrivanek, mmagr, mperina, mrunge, rogbas, sbonazzo, spower, vkumar |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: |
A flaw was found in Fluentd and fluent-ui. This issue may allow an attacker to gain escalated privileges and execute arbitrary code due to allowing a default password at install time.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2023-04-17 13:04:51 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2184450 | ||
|
Description
Pedro Sampaio
2023-04-04 17:57:41 UTC
AFAICT we're not shipping it since RHV 4.2. 4.2 is in ELP and we're not shipping any fixes This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-21514 |