A vulnerability was found in ceph-ansible, where hard-coded passwords were found in roles/ceph-defaults/defaults/main.yml.
Change and use strong passwords in ceph-ansible playbook
Name: Sarthak Srivastava
The version of ceph-ansible included in Red Hat OpenStack 15 was temporary, OpenStack 15 installations will consume updates to this package from Ceph channels.
Created ceph-ansible tracking bugs for this issue:
Affects: fedora-30 [bug 1813137]
This issue has been addressed in the following products:
Red Hat Ceph Storage 4.1
Via RHSA-2020:2231 https://access.redhat.com/errata/RHSA-2020:2231
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):