Lucene search
+L

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-20288

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys,...

7.2CVSS6.5AI score0.02128EPSS
Exploits0References2
Circl
Circl
added 2025/01/09 7:46 p.m.7 views

CVE-2021-20288

creationtimestamp| type| source ---|---|--- 2025-01-09 19:46:10+00:00| seen| https://gist.github.com/sini/daf2ebc7f4ff5092da076dd4d696eee5...

7.2CVSS6.7AI score0.02128EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2021-0207)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.9AI score0.02128EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/11/02 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-5128-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.4AI score0.02425EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2021/06/15 5:17 p.m.129 views

Important: Red Hat Security Advisory: Red Hat Ceph Storage 4.2 Security and Bug Fix Update

An update for ceph, ceph-ansible, ceph-iscsi, python-waitress, and tcmu-runner is now available for Red Hat Ceph Storage 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.2CVSS6.6AI score0.02449EPSS
Exploits1References90
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2021:1474-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.8AI score0.02128EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2021:1473-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.6AI score0.02449EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.34 views

openSUSE Security Update : ceph (openSUSE-2021-672)

This update for ceph fixes the following issues : - ceph was updated to 15.2.11-83-g8a15f484c2 : - CVE-2021-20288: Fixed unauthorized globalid reuse bsc1183074. - disk gets replaced with no rocksdb/wal bsc1184231. - BlueStore handles huge4GB writes from RocksDB to BlueFS poorly, potentially causi...

7.2CVSS7.1AI score0.02128EPSS
Exploits0References4
Mageia
Mageia
added 2021/05/07 5:35 a.m.40 views

Updated ceph packages fix a security vulnerability

An authentication flaw was found in ceph. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated with another user, as ceph...

7.2CVSS1.9AI score0.02128EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/05/06 12:0 a.m.36 views

Security update for ceph (important)

openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2021:0672-1 Rating: important References: 1183074 1183899 1184231 Cross-References: CVE-2021-20288 CVSS scores: CVE-2021-20288 NVD : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2021-20288 SUSE: 8...

8CVSS7.2AI score0.02128EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/05/05 12:0 a.m.35 views

SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2021:1474-1)

This update for ceph fixes the following issues : ceph was updated to 15.2.11-83-g8a15f484c2 : - CVE-2021-20288: Fixed unauthorized globalid reuse bsc1183074. - disk gets replaced with no rocksdb/wal bsc1184231. - BlueStore handles huge4GB writes from RocksDB to BlueFS poorly, potentially causing...

7.2CVSS7.1AI score0.02128EPSS
Exploits0References6
OSV
OSV
added 2021/05/04 6:59 a.m.9 views

SUSE-SU-2021:1474-1 Security update for ceph

This update for ceph fixes the following issues: - ceph was updated to 15.2.11-83-g8a15f484c2: CVE-2021-20288: Fixed unauthorized globalid reuse bsc1183074. disk gets replaced with no rocksdb/wal bsc1184231. BlueStore handles huge4GB writes from RocksDB to BlueFS poorly, potentially causing data...

7.2CVSS7.1AI score0.02128EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/05/01 12:0 a.m.23 views

Fedora: Security Advisory for ceph (FEDORA-2021-e65b9fb52e)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.2CVSS6.8AI score0.02128EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/05/01 12:0 a.m.17 views

Fedora: Security Advisory for ceph (FEDORA-2021-e29c1ee892)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.2CVSS6.8AI score0.02128EPSS
Exploits0References2
CVE
CVE
added 2021/04/15 12:0 a.m.233 views

CVE-2021-20288

Ceph CVE-2021-20288 is an authentication flaw in Ceph before certain fixed releases. The root cause is that CEPHX_GET_AUTH_SESSION_KEY handling does not sanitize other_keys, allowing reuse of old keys when a global_id is requested, enabling a user to leverage a global_id previously associated wit...

7.2CVSS6.8AI score0.02128EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2021/04/14 5:39 p.m.34 views

CVE-2021-20288

An authentication flaw was found in ceph. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated with another user, as ceph...

8CVSS2.5AI score0.02128EPSS
Exploits0References3
Rows per page
Query Builder