Vulnerabilities > Redhat > Ceph Storage MON > 2

DATE CVE VULNERABILITY TITLE RISK
2018-08-01 CVE-2016-9579 Unspecified vulnerability in Redhat products
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket.
network
low complexity
redhat
7.5
2018-07-10 CVE-2018-1129 Improper Authentication vulnerability in multiple products
A flaw was found in the way signature calculation was handled by cephx authentication protocol.
low complexity
redhat ceph debian opensuse CWE-287
6.5
2018-07-10 CVE-2018-1128 Improper Authentication vulnerability in multiple products
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack.
high complexity
redhat debian opensuse CWE-287
7.5
2018-07-10 CVE-2018-10861 Improper Authentication vulnerability in multiple products
A flaw was found in the way ceph mon handles user requests.
network
low complexity
ceph redhat opensuse debian CWE-287
8.1