Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-10861

Опубликовано: 10 июл. 2018
Источник: nvd
CVSS3: 8.1
CVSS2: 5.5
EPSS Низкий

Описание

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ceph:ceph:10.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:10.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:10.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:10.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:10.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:10.2.5:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:10.2.6:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:10.2.7:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:10.2.8:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:10.2.9:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:10.2.10:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:10.2.11:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:12.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:12.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:12.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:12.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:12.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:12.2.5:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:12.2.6:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:12.2.7:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:13.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ceph:ceph:13.2.1:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:redhat:ceph_storage:3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage_mon:2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage_mon:3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage_osd:2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage_osd:3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
Конфигурация 4
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 68%
0.0058
Низкий

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-285
CWE-287

Связанные уязвимости

ubuntu логотип

CVE-2018-10861

CVSS3: 8.1
ubuntu
больше 7 лет назад

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.

redhat логотип

CVE-2018-10861

CVSS3: 4.6
redhat
больше 7 лет назад

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.

debian логотип

CVE-2018-10861

CVSS3: 8.1
debian
больше 7 лет назад

A flaw was found in the way ceph mon handles user requests. Any authen ...

github логотип

GHSA-58jc-hvg4-pxxm

CVSS3: 8.1
github
больше 3 лет назад

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.

suse-cvrf логотип

openSUSE-SU-2018:2283-1

suse-cvrf
больше 7 лет назад

Security update for ceph

EPSS

Процентиль: 68%
0.0058
Низкий

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-285
CWE-287