CVE-2020-1699

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Ceph versions 14.2.5 through 14.2.6 Ceph version 15.0.0

Description A path traversal flaw was found in the Ceph dashboard, allowing an unauthenticated attacker to cause information disclosure on the host machine running the Ceph dashboard.

Recommendations For Ceph versions 14.2.5 through 14.2.6, update to version 14.2.7 to resolve the issue. For Ceph version 15.0.0, update to version 15.1.0 to resolve the issue.

Fix

Information Disclosure

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-22

Related Identifiers

ALT-PU-2020-1266

ALT-PU-2020-1349

BIT-CEPH-2020-1699

CVE-2020-1699

OPENSUSE-SU-2020:0187-1

OPENSUSE-SU-2020_0187-1

SUSE-SU-2020:0296-1

SUSE-SU-2020_0296-1

Affected Products

Alt Linux

Ceph

Suse

CVE-2020-1699

Weakness Enumeration

Related Identifiers

Affected Products

References · 15