Issue Date: 11/11/2018
Title: Panzura Security Advisory CloudFS-2018-003
Classification: High
Status: Closed
Affected Products: All supported versions

Summary

Security Vulnerabilities related to passwords.

Details

Under some rare circumstances, Active Directory (AD) accounts used for logging in as an admin user into the Panzura filer’s WebUI may result in a security vulnerability exposing user passwords in an error log if the login fails. This can happen if the filer is configured to an incorrect AD server or the AD server is unavailable due to network related issues. This issue does not impact users using AD authentication to mount and access files on the Panzura filer.

Customers who have configured AD authentication to login to the Panzura web-based management interface are encouraged to upgrade to Panzura CloudFS 7.1.6.1 or above to resolve this security vulnerability.

A complete list of security advisories can be found here.