Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-8626

Опубликовано: 20 окт. 2016
Источник: redhat
CVSS3: 6.5
CVSS2: 6.3
EPSS Низкий

Описание

A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests.

A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
OpenStack ForemanCephNot affected
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)CephNot affected
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)CephNot affected
Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7cephFixedRHSA-2016:284701.12.2016
Red Hat Ceph Storage 1.3 for UbuntuFixedRHSA-2016:284801.12.2016
Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7calamari-serverFixedRHSA-2016:281522.11.2016
Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7cephFixedRHSA-2016:281522.11.2016
Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7ceph-deployFixedRHSA-2016:281522.11.2016
Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7ceph-iscsi-configFixedRHSA-2016:281522.11.2016
Red Hat Ceph Storage 2 for Red Hat Enterprise Linux 7ceph-iscsi-toolsFixedRHSA-2016:281522.11.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1389193Ceph: RGW Denial of Service by sending null or specially crafted POST object requests

EPSS

Процентиль: 86%
0.02873
Низкий

6.5 Medium

CVSS3

6.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-8626

CVSS3: 6.5
ubuntu
больше 7 лет назад

A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests.

nvd логотип

CVE-2016-8626

CVSS3: 6.5
nvd
больше 7 лет назад

A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests.

debian логотип

CVE-2016-8626

CVSS3: 6.5
debian
больше 7 лет назад

A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object ...

github логотип

GHSA-784r-h477-mqpc

CVSS3: 6.5
github
больше 3 лет назад

A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests.

EPSS

Процентиль: 86%
0.02873
Низкий

6.5 Medium

CVSS3

6.3 Medium

CVSS2