High severity8.1NVD Advisory· Published Jul 10, 2018· Updated Jun 17, 2026
CVE-2018-10861
CVE-2018-10861
Description
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12- osv-coords10 versionspkg:rpm/opensuse/ceph&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/ceph-test&distro=openSUSE%20Leap%2015.0pkg:rpm/suse/ceph&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/ceph&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/ceph-test&distro=SUSE%20Enterprise%20Storage%204
< 13.2.4.125+gad802694f5-lp150.2.3.1+ 9 more
- (no CPE)range: < 13.2.4.125+gad802694f5-lp150.2.3.1
- (no CPE)range: < 13.2.4.125+gad802694f5-lp150.2.3.1
- (no CPE)range: < 10.2.11+git.1531487710.3a12911a2e-12.14.2
- (no CPE)range: < 12.2.5+git.1530082629.8cbf63d997-2.16.1
- (no CPE)range: < 12.2.7+git.1531910353.c0ef85b854-2.12.1
- (no CPE)range: < 13.2.4.125+gad802694f5-3.7.2
- (no CPE)range: < 12.2.7+git.1531910353.c0ef85b854-2.12.1
- (no CPE)range: < 12.2.7+git.1531910353.c0ef85b854-2.12.1
- (no CPE)range: < 12.2.7+git.1531910353.c0ef85b854-2.12.1
- (no CPE)range: < 10.2.11+git.1531487710.3a12911a2e-12.14.2
- Red Hat, Inc./cephv5Range: all versions in branches master, mimic, luminous and jewel
Patches
Vulnerability mechanics
References
10- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffcnvdPatchThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.htmlnvdThird Party Advisory
- tracker.ceph.com/issues/24838nvdIssue TrackingVendor Advisory
- www.securityfocus.com/bid/104742nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2018:2177nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:2179nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:2261nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:2274nvdThird Party Advisory
- www.debian.org/security/2018/dsa-4339nvdThird Party Advisory
News mentions
0No linked articles in our index yet.