Lucene search
K

78 matches found

RedhatCVE
RedhatCVE
added 2020/12/16 9:35 p.m.29 views

CVE-2020-27781

User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface...

7.1CVSS4.4AI score0.0031EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2020/07/23 8:8 p.m.32 views

CVE-2019-11252

A flaw was found in Kubernetes that allows the logging of credentials when mounting AzureFile and CephFS volumes. This flaw allows an attacker to access kubelet logs, read the credentials, and use them to access other services. The highest threat from this vulnerability is to confidentiality...

6.5CVSS6.7AI score0.01147EPSS
Exploits0References3
OSV
OSV
added 2020/07/23 3:15 p.m.3 views

DEBIAN-CVE-2019-11252

The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes...

6.5CVSS6.9AI score0.01147EPSS
Exploits0References1
OSV
OSV
added 2020/07/23 3:15 p.m.24 views

CVE-2019-11252

The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes...

6.5CVSS6.5AI score
Exploits0References1
NVD
NVD
added 2020/07/23 3:15 p.m.23 views

CVE-2019-11252

The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes...

6.5CVSS6.2AI score0.01147EPSS
Exploits0References1
Prion
Prion
added 2020/07/23 3:15 p.m.20 views

Design/Logic Flaw

The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes...

5CVSS6.7AI score0.01147EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2020/07/23 3:15 p.m.30 views

CVE-2019-11252

The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes...

6.5CVSS6.8AI score0.01147EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/07/23 2:47 p.m.23 views

CVE-2019-11252 Credential leakage when failing to mount

The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes...

5.9CVSS6.8AI score0.01147EPSS
Exploits0References1
CVE
CVE
added 2020/07/23 2:47 p.m.132 views

CVE-2019-11252

CVE-2019-11252 affects Kubernetes kube-controller-manager (versions v1.0–v1.17). It leaks credentials via error messages in mount failure logs/events for AzureFile and CephFS volumes, enabling access to user credentials if logs are obtained. The issue is specifically tied to credential leakage th...

6.5CVSS6.1AI score0.01147EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2020/07/23 2:47 p.m.34 views

CVE-2019-11252

The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes...

6.5CVSS6.6AI score0.01147EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/07/13 4:46 p.m.6 views

kubernetes: credential leak in kube-controller-manager via error messages in mount failure logs and events for AzureFile and CephFS volumes

A flaw was found in Kubernetes that allows the logging of credentials when mounting AzureFile and CephFS volumes. This flaw allows an attacker to access kubelet logs, read the credentials, and use them to access other services. The highest threat from this vulnerability is to confidentiality...

6.5CVSS7.1AI score0.01147EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/07/18 12:0 a.m.282 views

RHEL 7 : Red Hat Ceph Storage 3.0 (RHSA-2018:2177)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2177 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...

8.1CVSS7AI score0.03249EPSS
Exploits0References29
RedHat Linux
RedHat Linux
added 2018/07/11 6:21 p.m.178 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 3.0 security and bug fix update

An update for ceph is now available for Red Hat Ceph Storage for Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.1CVSS6.7AI score0.03249EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/12/21 12:0 a.m.26 views

openSUSE Security Update : ceph (openSUSE-2016-1500)

ceph was updated to version 10.2.4 and fixes the following issues : - A moncommand with empty prefix could crash the monitor boo987144, CVE-2016-5009 - Detect crc32 extension support from assembler on AArch64 boo999688 - Failing file operations on kernel based cephfs mount point could leave...

6.5CVSS6.1AI score0.0248EPSS
Exploits0References12
OSV
OSV
added 2016/11/15 5:11 p.m.6 views

SUSE-SU-2016:2809-1 Recommended update for ceph

This update provides Ceph 10.2.3, which includes important bug fixes in RBD mirroring, RGW multi-site, CephFS, and RADOS. Build/OPS: - AArch64: Detect crc32 extension support from assembler. bsc999688 - Drop legacy ceph RA which doesn't work with systemd unit files. - The mount.ceph binary, which...

6.5CVSS6.5AI score0.0248EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2016/09/30 12:0 a.m.40 views

RHEL 7 : org.ovirt.engine-root (RHSA-2016:1967)

An update for org.ovirt.engine-root is now available for RHEV Engine version 4.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

3.3CVSS5.3AI score0.00346EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/09/28 9:2 p.m.38 views

Moderate: Red Hat Security Advisory: org.ovirt.engine-root security, bug fix, and enhancement update

An update for org.ovirt.engine-root is now available for RHEV Engine version 4.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

3.3CVSS5.9AI score0.00346EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.65 views

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:1696-1)

The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.59 to receive various security and bugfixes. Main feature additions : - Improved support for Clustered File System CephFS, fate318586. - Addition of kGraft patches now produces logging messages to simplify auditing fate317827. The...

8.4CVSS6.8AI score0.01814EPSS
Exploits20References115
Rows per page
Query Builder