PT-2019-3228 · Ceph+3 · Ceph Rgw+3

Ali Maredia

Publicado

2019-08-28

Atualizado

2024-02-10

CVE-2019-10222

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Ceph RGW (affected versions not specified)

Description The issue is related to an uncontrolled resource consumption in the Ceph RGW configuration. An attacker could exploit this by sending valid HTTP headers and then terminating the connection, resulting in a denial of service for Ceph RGW clients. This could be done by an unauthenticated attacker acting remotely.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Improper Handling of Exceptional Conditions

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-755CWE-400

Identificadores relacionados

ALT-PU-2019-2841

ALT-PU-2019-2855

BDU:2019-03217

CVE-2019-10222

DLA-3629-1

OPENSUSE-SU-2024:10676-1

RHSA-2019:2577

SUSE-SU-2019:2247-1

SUSE-SU-2019:2736-1

SUSE-SU-2019:2994-1

SUSE-SU-2019_2247-1

SUSE-SU-2019_2736-1

USN-4112-1

Produtos afetados

Alt Linux

Ceph Rgw

Suse

Ubuntu

PT-2019-3228 · Ceph+3 · Ceph Rgw+3

CVE-2019-10222

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 52