Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ceph Security Vulnerabilities - January 2019

cve
cve

CVE-2018-14662

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.

5.7CVSS

5.7AI Score

0.001EPSS

2019-01-15 09:29 PM
191
9
cve
cve

CVE-2018-16846

It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.

6.5CVSS

6.2AI Score

0.003EPSS

2019-01-15 06:29 PM
189
9
cve
cve

CVE-2018-16889

Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable.

7.5CVSS

6.6AI Score

0.002EPSS

2019-01-28 02:29 PM
169