VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Linuxfoundation
>
Ceph
> 12.2.9
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-04-15
CVE-2021-20288
Improper Authentication vulnerability in multiple products
An authentication flaw was found in ceph in versions before 14.2.20.
network
low complexity
linuxfoundation
redhat
fedoraproject
debian
CWE-287
7.2
7.2
2020-06-26
CVE-2020-10753
Injection vulnerability in multiple products
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway).
network
low complexity
redhat
fedoraproject
opensuse
linuxfoundation
canonical
CWE-74
6.5
6.5
2020-04-23
CVE-2020-1760
Cross-site Scripting vulnerability in multiple products
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3.
network
low complexity
linuxfoundation
redhat
fedoraproject
canonical
debian
CWE-79
6.1
6.1
2020-04-22
CVE-2020-12059
NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Ceph through 13.2.9.
network
low complexity
linuxfoundation
canonical
CWE-476
7.5
7.5
2020-04-13
CVE-2020-1759
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session.
network
high complexity
redhat
linuxfoundation
fedoraproject
6.8
6.8