← back
CVE-2020-10763

CVE-2020-10763

EPSS 0.4%CWE-532
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 Nov 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. This flaw allows an attacker with local access to the Heketi server to read potentially sensitive information such as gluster-block passwords.
Affected products
n/a · heketi

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.redhat.com/show_bug.cgi?id=1845387https://github.com/heketi/heketi/releases/tag/v10.1.0