Lucene search

K

RedhatCVELIST:CVE-2018-10861

HistoryJul 09, 2018 - 12:00 a.m.

CVE-2018-10861

2018-07-0900:00:00

CWE-285

redhat

www.cve.org

1

6.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.1%

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.

CNA Affected

[
  {
    "product": "ceph",
    "vendor": "Red Hat, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "all versions in branches master, mimic, luminous and jewel"
      }
    ]
  }
]

References

lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html

tracker.ceph.com/issues/24838

www.securityfocus.com/bid/104742

access.redhat.com/errata/RHSA-2018:2177

access.redhat.com/errata/RHSA-2018:2179

access.redhat.com/errata/RHSA-2018:2261

access.redhat.com/errata/RHSA-2018:2274

bugzilla.redhat.com/show_bug.cgi?id=1593308

github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc

www.debian.org/security/2018/dsa-4339

6.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.1%

Related for CVELIST:CVE-2018-10861

nessus11 debiancve1 photon1 redhatcve1 osv2 prion1 ubuntucve1 veracode1 nvd1 cve1 openvas8 redhat4 fedora2 suse2