Vulnerabilities > Redhat > Ceph > 13.2.4

DATE CVE VULNERABILITY TITLE RISK
2021-05-26 CVE-2020-27839 Unspecified vulnerability in Redhat Ceph
A flaw was found in ceph-dashboard.
network
low complexity
redhat
5.4
5.4
2021-05-18 CVE-2021-3531 Reachable Assertion vulnerability in multiple products
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21.
network
low complexity
redhat fedoraproject CWE-617
5.3
5.3
2021-05-17 CVE-2021-3524 Injection vulnerability in multiple products
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21.
network
low complexity
redhat fedoraproject debian CWE-74
6.5
6.5
2021-01-08 CVE-2020-25678 A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text.
local
low complexity
redhat fedoraproject
4.4
4.4
2020-12-18 CVE-2020-27781 Insufficiently Protected Credentials vulnerability in multiple products
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation.
local
low complexity
redhat fedoraproject CWE-522
7.1
7.1
2020-11-23 CVE-2020-25660 A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus.
low complexity
redhat fedoraproject
8.8
8.8