Skip to main content

Ceph Storage Osd

4 CVEs product

Monthly

CVE-2018-1129 MEDIUM PATCH This Month

A flaw was found in the way signature calculation was handled by cephx authentication protocol. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Ceph Storage Ceph Storage Mon Ceph Storage Osd Enterprise Linux +6
NVD GitHub
CVSS 3.0
6.5
EPSS
1.9%
CVE-2018-1128 HIGH PATCH This Week

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

Information Disclosure Ceph Storage Ceph Storage Mon Ceph Storage Osd Enterprise Linux +6
NVD GitHub
CVSS 3.0
7.5
EPSS
1.4%
CVE-2018-10861 HIGH PATCH This Week

A flaw was found in the way ceph mon handles user requests. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Ceph Ceph Storage Ceph Storage Mon Ceph Storage Osd +5
NVD GitHub
CVSS 3.0
8.1
EPSS
3.2%
CVE-2016-5009 MEDIUM This Month

The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Ceph Storage Mon Ceph Storage Osd Enterprise Linux Desktop Enterprise Linux For Scientific Computing +3
NVD GitHub
CVSS 3.0
6.5
EPSS
1.4%
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

A flaw was found in the way signature calculation was handled by cephx authentication protocol. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Ceph Storage Ceph Storage Mon +8
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

Information Disclosure Ceph Storage Ceph Storage Mon +8
NVD GitHub
EPSS 3% CVSS 8.1
HIGH PATCH This Week

A flaw was found in the way ceph mon handles user requests. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Ceph Ceph Storage +7
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Ceph Storage Mon Ceph Storage Osd +5
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy