Описание
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 12.2.12-0ubuntu0.18.04.2 |
| devel | not-affected | 14.2.2-0ubuntu2 |
| disco | released | 13.2.6-0ubuntu0.19.04.3 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | released | 12.2.12-0ubuntu0.18.04.2 |
| esm-infra/xenial | not-affected | code not present |
| precise/esm | not-affected | code not present |
| trusty | ignored | end of standard support |
| trusty/esm | not-affected | code not present |
| upstream | needs-triage |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
A flaw was found in the Ceph RGW configuration with Beast as the front ...
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3