Unrated severityNVD Advisory· Published Jul 25, 2022· Updated Aug 2, 2024
CVE-2022-0670
CVE-2022-0670
Description
A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2.
Affected products
12- Openstack/manilladescription
- osv-coords11 versionspkg:bitnami/cephpkg:rpm/opensuse/ceph&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/ceph&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/ceph-test&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/ceph&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3
>= 15.0.0, < 15.2.17+ 10 more
- (no CPE)range: >= 15.0.0, < 15.2.17
- (no CPE)range: < 16.2.11.58+g38d6afd3b78-150400.3.6.1
- (no CPE)range: < 16.2.11.58+g38d6afd3b78-150400.3.6.1
- (no CPE)range: < 16.2.11.58+g38d6afd3b78-150400.3.6.1
- (no CPE)range: < 16.2.11.58+g38d6afd3b78-150300.3.6.1
- (no CPE)range: < 16.2.11.58+g38d6afd3b78-150300.5.7.1
- (no CPE)range: < 16.2.11.58+g38d6afd3b78-150300.5.7.1
- (no CPE)range: < 16.2.11.58+g38d6afd3b78-150400.3.6.1
- (no CPE)range: < 16.2.11.58+g38d6afd3b78-150400.3.6.1
- (no CPE)range: < 16.2.11.58+g38d6afd3b78-150400.3.6.1
- (no CPE)range: < 16.2.11.58+g38d6afd3b78-150300.5.7.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3XMDFZWA2FWU6GAYOVSFJPOUTXN42N/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRTTRG5O4YP2TNGDCDOHIHP2DM3DFBT/mitrevendor-advisoryx_refsource_FEDORA
- ceph.io/en/news/blog/2022/v17-2-2-quincy-released/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.