Lucene search
K

5 matches found

OSV
OSV
added 2026/03/20 9:5 a.m.1 views

BIT-CEPH-2021-20288

An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated...

7.2CVSS6.7AI score0.0211EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-20288

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys,...

7.2CVSS6.9AI score0.0211EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.5 views

SUSE CVE-2021-20288

An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated...

8CVSS7AI score0.0211EPSS
Exploits0References21
RedHat Linux
RedHat Linux
added 2022/04/19 10:22 a.m.4 views

ceph: Unauthorized global_id reuse in cephx

An authentication flaw was found in ceph. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated with another user, as ceph...

7.2CVSS7.2AI score0.0211EPSS
Exploits0References4
OSV
OSV
added 2021/04/15 3:15 p.m.4 views

UBUNTU-CVE-2021-20288

An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated...

7.2CVSS6.7AI score0.0211EPSS
Exploits0References6
Rows per page
Query Builder