Lucene search
K

18 matches found

OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2020:3459-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.01022EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2020:3473-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.01022EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/01/29 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-4706-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.4AI score0.01619EPSS
Exploits0References2
OSV
OSV
added 2021/01/28 1:40 p.m.10 views

USN-4706-1 ceph vulnerabilities

Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An authenticated user could use this vulnerability to modify the configuration and possibly conduct further attacks. CVE-2020-10736 Adam Mohammed found...

8.8CVSS6.9AI score0.01619EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2021/01/28 1:40 p.m.204 views

USN-4706-1: Ceph vulnerabilities

Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An authenticated user could use this vulnerability to modify the configuration and possibly conduct further attacks. CVE-2020-10736 Adam Mohammed found...

8.8CVSS6.9AI score0.01619EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2021/01/12 2:58 p.m.74 views

Important: Red Hat Security Advisory: Red Hat Ceph Storage 4.2 Security and Bug Fix update

An update is now available for Red Hat Ceph Storage 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

8.8CVSS6.7AI score0.01022EPSS
Exploits0References116
Tenable Nessus
Tenable Nessus
added 2021/01/12 12:0 a.m.58 views

RHEL 7 / 8 : Red Hat Ceph Storage 4.2 Security and Bug Fix update (Important) (RHSA-2021:0081)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0081 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage...

8.8CVSS6.8AI score0.01022EPSS
Exploits0References120
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.44 views

SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2020:3459-1)

This update for ceph fixes the following issues : CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. Major batch refactor of ceph-volume that addresses a couple of issues bsc1151612, bsc1158257 Documented Prometheus' security model bsc1169134 monclient: Fixed an issue where...

8.8CVSS7.4AI score0.01022EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.42 views

SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2020:3473-1)

This update for ceph fixes the following issues : CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. Added --container-init feature bsc1177319, bsc1163764 Made journald as the logdriver again bsc1177933 Fixes a condition check for copytree, copyfiles, and movefiles in cephadm...

8.8CVSS7.3AI score0.01022EPSS
Exploits0References27
RedHat Linux
RedHat Linux
added 2020/12/02 4:15 p.m.89 views

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 4.1 security and bug fix update

An update is now available for Red Hat Ceph Storage 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

8.8CVSS7.1AI score0.01022EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/12/02 12:0 a.m.38 views

RHEL 7 / 8 : Red Hat Ceph Storage 4.1 (RHSA-2020:5325)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5325 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with...

8.8CVSS7.5AI score0.01022EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2020/11/30 12:0 a.m.40 views

openSUSE Security Update : ceph (openSUSE-2020-2057)

This update for ceph fixes the following issues : - CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. - Major batch refactor of ceph-volume that addresses a couple of issues bsc1151612, bsc1158257 - Documented Prometheus' security model bsc1169134 - monclient: Fixed an issue...

8.8CVSS7.6AI score0.01022EPSS
Exploits0References10
OSV
OSV
added 2020/11/27 1:25 p.m.6 views

OPENSUSE-SU-2020:2082-1 Security update for ceph

This update for ceph fixes the following issues: - CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. - Added --container-init feature bsc1177319, bsc1163764 - Made journald as the logdriver again bsc1177933 - Fixes a condition check for copytree, copyfiles, and movefiles in...

8.8CVSS8.6AI score0.01022EPSS
Exploits0References26
OSV
OSV
added 2020/11/26 2:52 p.m.7 views

SUSE-SU-2020:3539-1 Security update for ceph

This update for ceph fixes the following issues: Security issue fixed: - CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. - mgr/dashboard: Fix for CrushMap viewer items getting compressed vertically bsc1170200 - mon: have 'mon stat' output json as well bsc1174466 -...

8.8CVSS8.7AI score0.01022EPSS
Exploits0References8
ArchLinux
ArchLinux
added 2020/11/26 12:0 a.m.173 views

[ASA-202011-22] ceph: multiple issues

Arch Linux Security Advisory ASA-202011-22 ========================================== Severity: High Date : 2020-11-26 CVE-ID : CVE-2020-1759 CVE-2020-1760 CVE-2020-10753 CVE-2020-25660 Package : ceph Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1195 Summary =====...

8.8CVSS0.1AI score0.01619EPSS
Exploits0References25
CVE
CVE
added 2020/11/23 9:18 p.m.312 views

CVE-2020-25660

The CVE-2020-25660 issue affects Cephx authentication in Ceph versions before 15.2.6 and before 14.2.14, where client verification can be bypassed, enabling replay attacks over the msgr2 protocol (affecting most Ceph communications; msgr1 is unaffected). An attacker with cluster-network access co...

8.8CVSS6.9AI score0.01022EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2020/11/23 9:18 p.m.56 views

CVE-2020-25660

A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the...

8.8CVSS7.2AI score0.01022EPSS
Exploits0
Debian CVE
Debian CVE
added 2020/11/23 9:18 p.m.50 views

CVE-2020-25660

A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the...

8.8CVSS7.8AI score0.01022EPSS
Exploits0
Rows per page
Query Builder