57 matches found
CVE-2021-2319
Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...
CVE-2021-2320
Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...
CVE-2021-2318
CVE-2021-2318 affects Oracle Cloud Infrastructure Storage Gateway (Management Console) prior to version 1.4. The vulnerability allows a highly privileged attacker with network access over HTTP to compromise the gateway, potentially leading to takeover of the Oracle Cloud Infrastructure Storage Ga...
CVE-2021-2317
Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2021-2318
Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...
CVE-2021-2319
Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...
CVE-2021-2320
Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...
CVE-2021-2318
Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 1.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...
CVE-2021-2320
Summary: CVE-2021-2320 affects Oracle Cloud Infrastructure Storage Gateway (Management Console) prior to version 1.4. The vulnerability allows a highly privileged attacker with network access over HTTP to compromise the gateway, with potential takeover of the Oracle Cloud Infrastructure Storage G...
CVE-2021-2256
Vulnerability in the Oracle Storage Cloud Software Appliance product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 16.3.1.4.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2021-2256
CVE-2021-2256 affects Oracle Storage Cloud Software Appliance (Management Console) prior to 16.3.1.4.2. An unauthenticated attacker with network access via HTTP can compromise the appliance, potentially taking over the system. The vulnerability is documented with a CVSS v3.1 base score of 10.0 (N...
Oracle Cloud Infrastructure Storage Gateway 安全漏洞
Oracle Cloud Infrastructure Storage Gateway is an application gateway from Oracle Corporation in the United States. A security vulnerability in Oracle Cloud Infrastructure Storage Gateway Management Console Prior to 1.4 allows a highly privileged attacker accessed over an HTTP network to compromi...
Oracle Cloud Infrastructure Storage Gateway 安全漏洞
Oracle Cloud Infrastructure Storage Gateway is an application gateway from Oracle Corporation in the United States. A security vulnerability in Oracle Cloud Infrastructure Storage Gateway Management Console Prior to 1.4 allows a highly privileged attacker accessed over an HTTP network to compromi...
Oracle Cloud Infrastructure Storage Gateway 安全漏洞
Oracle Cloud Infrastructure Storage Gateway is an application gateway from Oracle Corporation in the United States. A security vulnerability in Oracle Cloud Infrastructure Storage Gateway Management Console Prior to 1.4 allows a highly privileged attacker accessed over an HTTP network to compromi...
Oracle Cloud Infrastructure Storage Gateway 安全漏洞
Oracle Cloud Infrastructure Storage Gateway is an application gateway from Oracle Corporation in the United States. A security vulnerability in Oracle Cloud Infrastructure Storage Gateway Management Console Prior to 1.4 allows an unauthenticated attacker to compromise Oracle Cloud Infrastructure...
ceph: Unauthenticated clients can crash ceph RGW configured with beast as frontend
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients...
ceph: RGW permits bucket listing when authenticated_users=read
A flaw was found in Ceph RGW code which allows an anonymous user to list contents of RGW bucket by bypassing ACL which should only allow authenticated users to list contents of bucket...