Vulnerabilities > CVE-2022-3854 - Unspecified vulnerability in Redhat Ceph Storage 3.0/4.0/5.0

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

redhat

NVD

Published: 2023-03-06

Updated: 2023-03-13

Summary

A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Ceph Storage 3.0 Redhat Ceph Storage 4.0 Redhat Ceph Storage 5.0	3

References

https://bugzilla.redhat.com/show_bug.cgi?id=2139925