Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Tenable Nessus
Tenable Nessusadded 2025/08/09 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2018-10861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and...

8.1CVSS6.5AI score0.00786EPSS
Exploits0References2
Microsoft CVE
Microsoft CVEadded 2024/06/30 2:0 p.m.3 views

A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master mimic luminous and jewel are believed to be vulnerable.

...

6.5CVSS6.9AI score0.00348EPSS
Exploits0
Veracode
Veracodeadded 2019/01/15 9:24 a.m.25 views

Authorization Bypass

ceph is vulnerable to authorization bypass attacks. The vulnerability exists as a flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, lumino...

8.1CVSS7.5AI score0.00786EPSS
Exploits0References31Affected Software3
NVD
NVDadded 2018/07/10 2:29 p.m.18 views

CVE-2018-1128

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions...

7.5CVSS7.1AI score0.01038EPSS
Exploits0References12
OSV
OSVadded 2018/07/10 2:29 p.m.2 views

DEBIAN-CVE-2018-1128

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions...

7.5CVSS7.9AI score0.01038EPSS
Exploits0References1
OSV
OSVadded 2018/07/10 2:29 p.m.1 views

UBUNTU-CVE-2018-1129

A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel ar...

6.5CVSS6.8AI score0.00348EPSS
Exploits0References2
CVE
CVEadded 2018/07/10 2:0 p.m.376 views

CVE-2018-1128

CVE-2018-1128 describes a replay vulnerability in the Cephx authentication protocol where a packet sniffer on a Ceph cluster network can authenticate to Ceph services due to insufficient verification of clients. The issue affects the msgr2 protocol (used by most Ceph communication) and can compro...

7.5CVSS7AI score0.01038EPSS
Exploits0References12Affected Software7
Rows per page
Query Builder