rpm package
suse/ceph&distro=SUSE Linux Enterprise Module for Basesystem 15 SP1
pkg:rpm/suse/ceph&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1
Vulnerabilities (10)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-27781 | — | < 14.2.16.402+g7d47dbaf4d-3.57.1 | 14.2.16.402+g7d47dbaf4d-3.57.1 | Dec 18, 2020 | User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved vi | ||
| CVE-2020-25660 | — | < 14.2.13.450+g65ea1b614d-3.52.1 | 14.2.13.450+g65ea1b614d-3.52.1 | Nov 23, 2020 | A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authen | ||
| CVE-2020-10753 | — | < 14.2.9.970+ged84cae0c9-3.41.1 | 14.2.9.970+ged84cae0c9-3.41.1 | Jun 26, 2020 | A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the | ||
| CVE-2020-1760 | — | < 14.2.5.389+gb0f23ac248-3.35.2 | 14.2.5.389+gb0f23ac248-3.35.2 | Apr 23, 2020 | A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input. | ||
| CVE-2020-1699 | — | < 14.2.5.382+g8881d33957-3.30.1 | 14.2.5.382+g8881d33957-3.30.1 | Apr 21, 2020 | A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated attacker could use this flaw to cause information disclosure on the host machine r | ||
| CVE-2020-1759 | — | < 14.2.5.389+gb0f23ac248-3.35.2 | 14.2.5.389+gb0f23ac248-3.35.2 | Apr 13, 2020 | A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by | ||
| CVE-2020-1700 | — | < 14.2.5.382+g8881d33957-3.30.1 | 14.2.5.382+g8881d33957-3.30.1 | Feb 7, 2020 | A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of servi | ||
| CVE-2019-10222 | — | < 14.2.2.349+g6716a1e448-3.9.1 | 14.2.2.349+g6716a1e448-3.9.1 | Nov 8, 2019 | A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clie | ||
| CVE-2019-3821 | — | < 14.2.1.468+g994fd9e0cc-3.3.2 | 14.2.1.468+g994fd9e0cc-3.3.2 | Mar 27, 2019 | A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in a remote denial of servi | ||
| CVE-2018-16889 | — | < 14.2.1.468+g994fd9e0cc-3.3.2 | 14.2.1.468+g994fd9e0cc-3.3.2 | Jan 28, 2019 | Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable. |
- CVE-2020-27781Dec 18, 2020affected < 14.2.16.402+g7d47dbaf4d-3.57.1fixed 14.2.16.402+g7d47dbaf4d-3.57.1
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved vi
- CVE-2020-25660Nov 23, 2020affected < 14.2.13.450+g65ea1b614d-3.52.1fixed 14.2.13.450+g65ea1b614d-3.52.1
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authen
- CVE-2020-10753Jun 26, 2020affected < 14.2.9.970+ged84cae0c9-3.41.1fixed 14.2.9.970+ged84cae0c9-3.41.1
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the
- CVE-2020-1760Apr 23, 2020affected < 14.2.5.389+gb0f23ac248-3.35.2fixed 14.2.5.389+gb0f23ac248-3.35.2
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input.
- CVE-2020-1699Apr 21, 2020affected < 14.2.5.382+g8881d33957-3.30.1fixed 14.2.5.382+g8881d33957-3.30.1
A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated attacker could use this flaw to cause information disclosure on the host machine r
- CVE-2020-1759Apr 13, 2020affected < 14.2.5.389+gb0f23ac248-3.35.2fixed 14.2.5.389+gb0f23ac248-3.35.2
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by
- CVE-2020-1700Feb 7, 2020affected < 14.2.5.382+g8881d33957-3.30.1fixed 14.2.5.382+g8881d33957-3.30.1
A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of servi
- CVE-2019-10222Nov 8, 2019affected < 14.2.2.349+g6716a1e448-3.9.1fixed 14.2.2.349+g6716a1e448-3.9.1
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clie
- CVE-2019-3821Mar 27, 2019affected < 14.2.1.468+g994fd9e0cc-3.3.2fixed 14.2.1.468+g994fd9e0cc-3.3.2
A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in a remote denial of servi
- CVE-2018-16889Jan 28, 2019affected < 14.2.1.468+g994fd9e0cc-3.3.2fixed 14.2.1.468+g994fd9e0cc-3.3.2
Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable.