VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Redhat
> Ceph Storage
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-05-18
CVE-2021-3531
Reachable Assertion vulnerability in multiple products
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21.
network
low complexity
redhat
fedoraproject
CWE-617
5.3
5.3
2021-05-17
CVE-2021-3524
Injection vulnerability in multiple products
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21.
network
low complexity
redhat
fedoraproject
debian
CWE-74
6.5
6.5
2021-04-15
CVE-2021-20288
Improper Authentication vulnerability in multiple products
An authentication flaw was found in ceph in versions before 14.2.20.
network
low complexity
linuxfoundation
redhat
fedoraproject
debian
CWE-287
7.2
7.2
2021-01-08
CVE-2020-25678
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text.
local
low complexity
redhat
fedoraproject
4.4
4.4
2020-12-18
CVE-2020-27781
Insufficiently Protected Credentials vulnerability in multiple products
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation.
local
low complexity
redhat
fedoraproject
CWE-522
7.1
7.1
2020-12-08
CVE-2020-25677
A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions.
local
low complexity
ceph
redhat
5.5
5.5
2020-11-23
CVE-2020-25660
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus.
low complexity
redhat
fedoraproject
8.8
8.8
2020-09-30
CVE-2020-25626
Cross-site Scripting vulnerability in multiple products
A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2.
network
low complexity
encode
redhat
debian
CWE-79
6.1
6.1
2020-09-23
CVE-2020-14365
A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module.
local
low complexity
redhat
debian
7.1
7.1
2020-06-26
CVE-2020-10753
Injection vulnerability in multiple products
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway).
network
low complexity
redhat
fedoraproject
opensuse
linuxfoundation
canonical
CWE-74
6.5
6.5
«
Previous
1
2
(current)
3
4
5
»
Next