Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2021/08/14 10:35 p.m.29 views

CVE-2018-10861

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images Mitigation Use monallowpooldelete = false in ceph.conf to disable deletion of pools $ for p in rados lspools do ceph osd pool set $p nodelete...

8.1CVSS0.7AI score0.03249EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2019:0586-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7AI score0.03249EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2018:2193-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.7AI score0.03249EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2018:2478-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.7AI score0.03249EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2019/04/28 12:0 a.m.262 views

openSUSE: Security Advisory for ceph (openSUSE-SU-2019:1284-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.2AI score0.03249EPSS
Exploits0References2
OSV
OSV
added 2019/03/12 12:0 p.m.8 views

SUSE-SU-2019:0586-1 Security update for ceph

This update for ceph version 13.2.4 fixes the following issues: Security issues fixed: - CVE-2018-14662: Fixed an issue with LUKS 'config-key' safety bsc1111177 - CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon bsc1099162 - CVE-2018-1128: Fixed signature check bypass in...

8.1CVSS7AI score0.03249EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2018/08/23 12:0 a.m.44 views

SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2018:2478-1)

This update for ceph fixes the following issues : - Update to version 12.2.7-420-gc0ef85b854 : - https://ceph.com/releases/12-2-7-luminous-released/ - luminous: osd: eternal stuck PG in 'unfoundrecovery' bsc1094932 - bluestore: db.slow used when db is not full bsc1092874 - CVE-2018-10861: Ensure...

8.1CVSS6.8AI score0.03249EPSS
Exploits0References12
OPENSUSE Linux
OPENSUSE Linux
added 2018/08/10 3:7 a.m.65 views

Security update for ceph (important)

This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-10861: Ensure that ceph-mon does perform authorization on all OSD pool ops bsc1099162 - CVE-2018-1129: cephx signature check bypass bsc1096748 - CVE-2018-1128: cephx protocol was vulnerable to replay attack...

7.6AI score0.03249EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/08/07 12:0 a.m.243 views

Fedora 27 : 1:ceph (2018-8738f5f4a7)

New release 1:12.2.7-1 ---- New release 1:12.2.6-1 CVE-2018-1128 CVE-2018-1129 CVE-2018-10861 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

8.1CVSS6.8AI score0.03249EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/08/06 12:0 a.m.66 views

SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2018:2193-1)

This update for ceph fixes the following issues : - Update to version 12.2.7-420-gc0ef85b854 : - https://ceph.com/releases/12-2-7-luminous-released/ - luminous: osd: eternal stuck PG in 'unfoundrecovery' bsc1094932 - bluestore: db.slow used when db is not full bsc1092874 - CVE-2018-10861: Ensure...

8.1CVSS6.8AI score0.03249EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2018/07/26 7:0 p.m.314 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 2.5 security, enhancement, and bug fix update

An update for ceph is now available for Red Hat Ceph Storage 2.5 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.1CVSS6.6AI score0.03249EPSS
Exploits0References21
RedHat Linux
RedHat Linux
added 2018/07/26 3:35 p.m.74 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 2.5 security, enhancement, and bug fix update

An update for ceph is now available for Red Hat Ceph Storage 2.5 for Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS6.6AI score0.03249EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/07/11 6:21 p.m.178 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 3.0 security and bug fix update

An update for ceph is now available for Red Hat Ceph Storage for Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.1CVSS6.7AI score0.03249EPSS
Exploits0References4
NVD
NVD
added 2018/07/10 2:29 p.m.26 views

CVE-2018-10861

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected...

8.1CVSS6.8AI score0.03249EPSS
Exploits0References10
CVE
CVE
added 2018/07/10 2:0 p.m.255 views

CVE-2018-10861

CVE-2018-10861 describes an authorization issue in Ceph Monitor (ceph-mon) where any authenticated Ceph user with read access can delete, create Ceph storage pools, and corrupt snapshot images. Affected releases include Ceph branches master, mimic, luminous, and jewel. The impact is the ability t...

8.1CVSS6.4AI score0.03249EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder