cephx is vulnerable to privilege escalation attacks. This is because cephx authentication protocol does not verify ceph clients correctly. An attacker who has access to the ceph cluster network is able to sniff packets on the network.
access.redhat.com/errata/RHSA-2020:5325
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1890354
ceph.io/community/v15-2-6-octopus-released/
ceph.io/releases/v14-2-14-nautilus-released/
lists.fedoraproject.org/archives/list/[email protected]/message/UBC4KZ44QUQENTYZPVHORGL4K2KV5V4F/
security.gentoo.org/glsa/202105-39