Return-Path: X-Original-To: apmail-cloudstack-issues-archive@www.apache.org Delivered-To: apmail-cloudstack-issues-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5018F106BC for ; Fri, 19 Jul 2013 23:00:52 +0000 (UTC) Received: (qmail 98328 invoked by uid 500); 19 Jul 2013 23:00:51 -0000 Delivered-To: apmail-cloudstack-issues-archive@cloudstack.apache.org Received: (qmail 98307 invoked by uid 500); 19 Jul 2013 23:00:51 -0000 Mailing-List: contact issues-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list issues@cloudstack.apache.org Received: (qmail 98271 invoked by uid 500); 19 Jul 2013 23:00:51 -0000 Delivered-To: apmail-incubator-cloudstack-issues@incubator.apache.org Received: (qmail 98260 invoked by uid 99); 19 Jul 2013 23:00:51 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 19 Jul 2013 23:00:51 +0000 Date: Fri, 19 Jul 2013 23:00:51 +0000 (UTC) From: "Amogh Vasekar (JIRA)" To: cloudstack-issues@incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Resolved] (CLOUDSTACK-3308) UCS:DB: UCS Manager password should not get stored in plain text. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/CLOUDSTACK-3308?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Amogh Vasekar resolved CLOUDSTACK-3308. --------------------------------------- Resolution: Fixed > UCS:DB: UCS Manager password should not get stored in plain text. > ----------------------------------------------------------------- > > Key: CLOUDSTACK-3308 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-3308 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the default.) > Components: UCS > Affects Versions: 4.2.0 > Environment: Master with UCS and Basic Baremetal > Reporter: Parth Jagirdar > Assignee: Amogh Vasekar > Priority: Blocker > Fix For: 4.2.0 > > > Observe the table below. > UCS manager password gets stored in plain text. > mysql> select * from ucs_manager; > +----+--------------------------------------+---------+------------+--------------+----------+----------------+ > | id | uuid | zone_id | name | url | username | password | > +----+--------------------------------------+---------+------------+--------------+----------+----------------+ > | 1 | ec179fa5-a38c-4df0-a688-b89c29764b1d | 2 | ucsmanager | 10.223.184.2 | admin | C1tr1x99 | > | 2 | c14c6917-274b-47f1-b2f8-e7af767fe5c6 | 2 | ucsmanager | 10.223.184.2 | admin | C1tr1x99 | > | 3 | 10e7ef23-f9b9-49f4-aac5-8508eb882a52 | 2 | ucsmanager | 10.223.184.2 | admin | C1tr1x99 | > | 4 | be42a44f-4ae6-41ba-9e13-76a7707dcf5e | 2 | ucsmanager | 10.223.184.2 | admin | C1tr1x99 | > | 5 | b464511b-e961-4b65-9c9c-9cf5974f5cd1 | 2 | ucsmanager | 10.223.184.2 | admin | C1tr1x99 | > | 6 | dd669374-27f8-49d3-9425-498af6bbc16e | 2 | ucsmanager | 10.223.184.2 | admin | C1tr1x99 | > | 7 | 7e902e15-e634-41a9-9bed-d6134bb7a377 | 2 | ucsmanager | 10.223.184.2 | admin | C1tr1x99 | > | 8 | 1d6775c8-270a-461c-9b28-7b1b2acbbd5e | 2 | ucsmanager | 10.223.184.2 | aa | C1tr1x99 | > | 9 | 4da9accc-eb7c-42fb-a23c-3c45716db1f5 | 2 | ucsmanager | 10.223.184.2 | admin | C1tr1x99 | > | 10 | 55023c65-4470-4ee7-b264-f19cd4065c75 | 2 | ucsmanager | 10.223.184.2 | admin | wrong-password | > +----+--------------------------------------+---------+------------+--------------+----------+----------------+ > 10 rows in set (0.00 sec) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira