Vulnerabilities > CVE-2022-0670

CVSS 9.1 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

linuxfoundation

redhat

fedoraproject

critical

NVD

Published: 2022-07-25

Updated: 2023-11-07

Summary

A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2.

Vulnerable Configurations

Part	Description	Count
Application	Linuxfoundation Linuxfoundation Ceph 15.0.0 Linuxfoundation Ceph 15.2.0 Linuxfoundation Ceph 15.2.1 Linuxfoundation Ceph 15.2.2 Linuxfoundation Ceph *	5
Application	Redhat Redhat Ceph Storage 1.3 Redhat Ceph Storage 1.3.2 Redhat Ceph Storage 2.0 Redhat Ceph Storage 3 Redhat Ceph Storage 3.0 Redhat Ceph Storage 3.3 Redhat Ceph Storage 4.0 Redhat Ceph Storage 4.3 Redhat Ceph Storage 5.0 Redhat Ceph Storage 5.1	10
OS	Fedoraproject Fedoraproject Fedora 35 Fedoraproject Fedora 36	2

Vulnerabilities > CVE-2022-0670 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2022-0670"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2022-0670