CVE-2018-14662

Опубликовано: 15 янв. 2019

Источник: debian

EPSS Низкий

Описание

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ceph	fixed	12.2.11+dfsg1-1		package

Примечания

https://bugzilla.redhat.com/show_bug.cgi?id=1637327
https://github.com/ceph/ceph/commit/a2acedd2a7e12d58af6db35edbd8a9d29c557578

EPSS

Процентиль: 19%

0.00062

Низкий

Связанные уязвимости

CVE-2018-14662

CVSS3: 5.7

ubuntu

около 7 лет назад

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.

CVE-2018-14662

CVSS3: 3.5

redhat

около 7 лет назад

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.

CVE-2018-14662

CVSS3: 5.7

nvd

около 7 лет назад

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.

GHSA-w2x2-w9fr-cf6g

CVSS3: 5.7

github

больше 3 лет назад

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.

BDU:2020-01537

CVSS3: 5.7

fstec

около 7 лет назад

Уязвимость системы хранения данных Ceph, связанная с ошибкой процедуры авторизации, позволяющая нарушителю получить несанкционированный доступ к ключам шифрования dm-crypt

EPSS

Процентиль: 19%

0.00062

Низкий