16 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-14662
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk...
SUSE: Security Advisory (SUSE-SU-2019:0586-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0499-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 2.0: Ceph PHSA-2020-2.0-0237
An update of the ceph package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0237. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136326;...
EulerOS 2.0 SP8 : ceph (EulerOS-SA-2020-1285)
According to the version of the ceph packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph...
Huawei EulerOS: Security Advisory for ceph (EulerOS-SA-2020-1285)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 3.3 security, bug fix, and enhancement update
An update is now available for Red Hat Ceph Storage 3.3 on Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 3.3 security, bug fix, and enhancement update
An update is now available for Red Hat Ceph Storage 3.3 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
USN-4035-1: Ceph vulnerabilities
It was discovered that Ceph incorrectly handled read only permissions. An authenticated attacker could use this issue to obtain dm-crypt encryption keys. This issue only affected Ubuntu 16.04 LTS. CVE-2018-14662 It was discovered that Ceph incorrectly handled certain OMAPs holding bucket indices...
openSUSE: Security Advisory for ceph (openSUSE-SU-2019:1284-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2019:0586-1 Security update for ceph
This update for ceph version 13.2.4 fixes the following issues: Security issues fixed: - CVE-2018-14662: Fixed an issue with LUKS 'config-key' safety bsc1111177 - CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon bsc1099162 - CVE-2018-1128: Fixed signature check bypass in...
openSUSE Security Update : ceph (openSUSE-2019-306)
This update for ceph fixes the following issues : Security issues fixed : - CVE-2018-14662: mon: limit caps allowed to access the config store bsc1111177 - CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts bsc1114710 - CVE-2018-16889: rgw: sanitize customer encryption keys fro...
SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2019:0499-1)
This update for ceph fixes the following issues : Security issues fixed : CVE-2018-14662: mon: limit caps allowed to access the config store bsc1111177 CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts bsc1114710 CVE-2018-16889: rgw: sanitize customer encryption keys from log...
Fedora 29 : 1:ceph (2019-6a2e72916a)
New release 1:12.2.11-1 notes=Security fix for CVE-2018-14662, CVE-2018-16846, CVE-2018-16889 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
CVE-2018-14662
CVE-2018-14662 affects Ceph up to version 13.2.3 (pre-13.2.4). The vulnerability allows authenticated Ceph users with read-only permissions to steal dm-crypt encryption keys used for Ceph disk encryption. This is the underlying flaw reported across multiple advisories and repository releases (not...
CVE-2018-14662
It was found that authenticated ceph user with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption...