Unrated severityNVD Advisory· Published Jun 22, 2020· Updated Aug 4, 2024
CVE-2020-10736
CVE-2020-10736
Description
An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. This flaw allows an authenticated client to modify the configuration and possibly conduct further attacks.
Affected products
2- Ceph/Cephdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
- ceph.io/releases/v15-2-2-octopus-released/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.