cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-6287) While adding Secondary storage as SMB/CIFS in CS 4.3 Domain controller password appears in plan text in key/pair value.
Date Mon, 21 Apr 2014 08:38:15 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-6287?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13975482#comment-13975482
] 

ASF subversion and git services commented on CLOUDSTACK-6287:
-------------------------------------------------------------

Commit 57f3e21317ee77befcb7af7d2c6cf5f1c0eacffa in cloudstack's branch refs/heads/master from
[~anshulg]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=57f3e21 ]

CLOUDSTACK-6287, CLOUDSTACK-6315 : fixed password visible in plain text in some hyperv request
params/json response


> While adding Secondary storage as SMB/CIFS in CS 4.3 Domain controller password appears
in plan text in key/pair value.
> -----------------------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-6287
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6287
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Hypervisor Controller, Storage Controller
>    Affects Versions: 4.3.0
>         Environment: CentOS 6.3 x64-64, Hyperv hypervisor
>            Reporter: Tejas
>            Assignee: Anshul Gangwar
>            Priority: Critical
>              Labels: security
>
> While adding Secondary storage as SMB/CIFS in CS 4.3 Domain controller password appears
in plan text in key/pair value.
> Logs are as below,
> 2014-03-27 09:49:47,611 INFO  [o.a.c.s.d.l.CloudStackImageStoreLifeCycleImpl] (catalina-exec-12:ctx-bd85f47b
ctx-df8f3444) Trying to add a new data store at cifs://10.129.151.61/Secondary to data center
1
> 2014-03-27 09:49:47,977 DEBUG [c.c.a.ApiServlet] (catalina-exec-12:ctx-bd85f47b ctx-df8f3444)
===END===  10.129.150.62 -- GET  command=addImageStore&response=json&sessionkey=pjC%2B%2FjnddbFmQI7MtdDgo%2Bf5JmQ%3D&name=Secondary&provider=SMB&zoneid=5e5a7fee-9e4e-47df-86fa-c19da8240e84&url=cifs%3A%2F%2F10.129.151.61%2FSecondary&details%5B0%5D.key=user&details%5B0%5D.value=administrator&details%5B1%5D.key=password&details%5B1%5D.value=C1sco123&details%5B2%5D.key=domain&details%5B2%5D.value=nw.com&_=1395893875835



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message