CVE-2020-10736

2020-05-19T03:25:33
ID RH:CVE-2020-10736
Type redhatcve
Reporter redhat.com
Modified 2021-06-16T01:45:28

Description

An authorization bypass vulnerability was found in Ceph versions 15.2.0 and later, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. This flaw allows an authenticated client to modify the configuration and possibly conduct further attacks.

Mitigation

Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.