PT-2018-10149 · Red Hat+2 · Ceph+2

Publicado

2018-07-10

Atualizado

2019-10-09

CVE-2018-10861

CVSS v3.1

8.1

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions Ceph versions master, mimic, luminous, and jewel

Description A flaw was found in the way Ceph handles user requests, allowing any authenticated Ceph user with read access to delete, create Ceph storage pools, and corrupt snapshot images.

Recommendations For versions master, mimic, luminous, and jewel, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authorization

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-285CWE-287

Identificadores relacionados

ALT-PU-2018-2306

ALT-PU-2018-2576

CVE-2018-10861

DSA-4339-1

DSA-4339-2

OPENSUSE-SU-2018_2283-1

OPENSUSE-SU-2019:1284-1

OPENSUSE-SU-2019_1284-1

OPENSUSE-SU-2024:10676-1

RHSA-2018:2177

RHSA-2018:2261

SUSE-SU-2018:1920-1

SUSE-SU-2018:2193-1

SUSE-SU-2018:2299-1

SUSE-SU-2018:2478-1

SUSE-SU-2018_2478-1

SUSE-SU-2019:0586-1

SUSE-SU-2019_0586-1

Produtos afetados

Alt Linux

Ceph

Suse

PT-2018-10149 · Red Hat+2 · Ceph+2

CVE-2018-10861

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 51