9 matches found
RHEL 7 / 8 : Red Hat Ceph Storage 4.2 Security and Bug Fix Update (Important) (RHSA-2021:2445)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2445 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage...
SUSE: Security Advisory (SUSE-SU-2021:1474-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for ceph (openSUSE-SU-2021:0672-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES15 Security Update : ceph (SUSE-SU-2021:1473-1)
This update for ceph fixes the following issues : ceph was updated to 14.2.20-402-g6aa76c6815 : - CVE-2021-20288: Fixed unauthorized globalid reuse bsc1183074. - CVE-2020-25678: Do not add sensitive information in Ceph log files bsc1178905. - CVE-2020-27839: Use secure cookies to store JWT Token...
SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2021:1474-1)
This update for ceph fixes the following issues : ceph was updated to 15.2.11-83-g8a15f484c2 : - CVE-2021-20288: Fixed unauthorized globalid reuse bsc1183074. - disk gets replaced with no rocksdb/wal bsc1184231. - BlueStore handles huge4GB writes from RocksDB to BlueFS poorly, potentially causing...
SUSE-SU-2021:1474-1 Security update for ceph
This update for ceph fixes the following issues: - ceph was updated to 15.2.11-83-g8a15f484c2: CVE-2021-20288: Fixed unauthorized globalid reuse bsc1183074. disk gets replaced with no rocksdb/wal bsc1184231. BlueStore handles huge4GB writes from RocksDB to BlueFS poorly, potentially causing data...
CVE-2021-20288
An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated...
CVE-2021-20288
An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated...
CVE-2021-20288
An authentication flaw was found in ceph. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated with another user, as ceph...