Vulnerabilities > Redhat > Ceph Storage MON
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-01 | CVE-2016-9579 | Unspecified vulnerability in Redhat products A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. | 7.5 |
| 2018-07-10 | CVE-2018-1129 | Improper Authentication vulnerability in multiple products A flaw was found in the way signature calculation was handled by cephx authentication protocol. | 6.5 |
| 2018-07-10 | CVE-2018-1128 | Improper Authentication vulnerability in multiple products It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. | 7.5 |
| 2018-07-10 | CVE-2018-10861 | Improper Authentication vulnerability in multiple products A flaw was found in the way ceph mon handles user requests. | 8.1 |
| 2016-07-12 | CVE-2016-5009 | Improper Input Validation vulnerability in Redhat products The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix. | 6.5 |