113 matches found
PT-2020-6261
Name of the Vulnerable Software and Affected Versions Ceph Object Gateway affected versions not specified Description The issue is related to the Ceph Object Gateway, which supports requests from anonymous users in Amazon S3. This could lead to potential XSS attacks due to the lack of proper...
PT-2019-3228 · Ceph +3 · Ceph Rgw +3
Name of the Vulnerable Software and Affected Versions: Ceph RGW affected versions not specified Description: The issue is related to an uncontrolled resource consumption in the Ceph RGW configuration. An attacker could exploit this by sending valid HTTP headers and then terminating the connection...
CVE-2016-9579
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. Ceph branches...
Design/Logic Flaw
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. Ceph branches...
DEBIAN-CVE-2016-9579
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. Ceph branches...
CVE-2016-9579
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. Ceph branches...
CVE-2016-9579
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. Ceph branches...
CVE-2016-9579
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. Ceph branches...
CVE-2016-9579
The CVE-2016-9579 flaw affects Ceph Object Gateway when CORS is configured to allow origins on a bucket. A remote unauthenticated attacker could trigger a denial-of-service by sending specially crafted cross-origin requests. Affected Ceph branches are 1.3.x and 2.x. Connected sources confirm this...
DEBIAN-CVE-2016-8626
A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests...
Design/Logic Flaw
A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 2.5 security, enhancement, and bug fix update
An update for ceph is now available for Red Hat Ceph Storage 2.5 for Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 7 : Red Hat Ceph Storage (RHSA-2016:2815)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2815 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a...
RHEL 7 : Red Hat Ceph Storage 1.3 (RHSA-2016:2847)
An update is now available for Red Hat Ceph Storage 1.3. This erratum is applicable for Red Hat Ceph Storage that runs on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, whic...
ceph: Object Gateway server DoS by sending invalid cross-origin HTTP request
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 1.3 security and bug fix update
An update is now available for Red Hat Ceph Storage 1.3. This erratum is for Red Hat Ceph Storage that runs on Ubuntu 14.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...
ceph: Object Gateway server DoS by sending invalid cross-origin HTTP request
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 1.3 security update
An update is now available for Red Hat Ceph Storage 1.3. This erratum is for Red Hat Ceph Storage that runs on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...
ceph: Object Gateway server DoS by sending invalid cross-origin HTTP request
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 2.1 security and bug fix update
An update is now available for Red Hat Ceph Storage 2.1. This erratum is for Red Hat Ceph Storage that runs on Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...