15 matches found
BIT-CEPH-2022-0670
A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of...
The vulnerability of the “volumes” plugin in the Ceph Manager storage system allows a attacker to gain access to confidential data and compromise its integrity.
The vulnerability of the “volumes” plugin in the Ceph Manager storage system is related to incorrect authentication. Exploiting this vulnerability allows an attacker who operates remotely to gain access to confidential data and compromise its integrity...
USN-6063-1: Ceph vulnerabilities
Mark Kirkwood discovered that Ceph incorrectly handled certain key lengths. An attacker could possibly use this issue to create non-random encryption keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-3979 It was discovered that Ceph incorrectly handled the volumes...
USN-6063-1 ceph vulnerabilities
Mark Kirkwood discovered that Ceph incorrectly handled certain key lengths. An attacker could possibly use this issue to create non-random encryption keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-3979 It was discovered that Ceph incorrectly handled the volumes...
SUSE CVE-2022-0670
A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of...
OESA-2022-2125 ceph security update
Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage. Security Fixes: A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla shar...
ceph: user/tenant can obtain access (read/write) to any share
A flaw was found in OpenStack Manila, where owning a Ceph File system "share" enables the owner to read/write any Manila share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This flaw allows an attacker to compromise the confidentiality and...
Privilege Escalation
ceph is vulnerable to privilege escalation. The vulnerability exists due to a bug in the volumes plugin in Ceph Manager allowing an attacker to read/write any manilla share or entire file system...
A flaw was found in Openstack manilla owning a Ceph File system "share" which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2.
...
CVE-2022-0670
A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of...
DEBIAN-CVE-2022-0670
A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of...
AZL-38305 CVE-2022-0670 affecting package ceph for versions less than 18.2.1-1
A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of...
UBUNTU-CVE-2022-0670
A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of...
CVE-2022-0670
CVE-2022-0670 affects Ceph/Manailla integration for OpenStack CephFS shares via the volumes plugin in Ceph Manager. The root cause is a bug in the volumes plugin that lets the share owner read/write any Manila share or the entire filesystem, compromising confidentiality and integrity. Remediation...
PT-2022-7554
Name of the Vulnerable Software and Affected Versions Openstack manilla versions prior to RHCS 5.2 and Ceph 17.2.2 Description A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability ...