Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:0745
HistoryFeb 08, 2024 - 4:19 p.m.

(RHSA-2024:0745) Moderate: Red Hat Ceph Storage 5.3 Security update

2024-02-0816:19:54
access.redhat.com
22
red hat ceph storage
scalable storage platform
ceph management
bug fixes
security update

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.2%

JSON

Red Hat Ceph Storage is a scalable, open, software-defined storage platform
that combines the most stable version of the Ceph storage system with a
Ceph management platform, deployment utilities, and support services.

These updated packages include numerous bug fixes. Space precludes
documenting all of these changes in this advisory. Users are directed to
the Red Hat Ceph Storage Release Notes for information on the most
significant of these changes:

https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5.3/html/release_notes/index

All users of Red Hat Ceph Storage are advised to update to these packages
that provide various bug fixes.

Security Fix(es):

  • rgw: improperly verified POST keys (CVE-2023-43040)

  • ceph: RGW crash upon misconfigured CORS rule (CVE-2023-46159)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9s390xlibradosstriper1< 16.2.10-248.el9cplibradosstriper1-16.2.10-248.el9cp.s390x.rpm
RedHat9noarchceph-mib< 16.2.10-248.el9cpceph-mib-16.2.10-248.el9cp.noarch.rpm
RedHat8x86_64python3-rgw-debuginfo< 16.2.10-248.el8cppython3-rgw-debuginfo-16.2.10-248.el8cp.x86_64.rpm
RedHat9s390xlibcephfs2< 16.2.10-248.el9cplibcephfs2-16.2.10-248.el9cp.s390x.rpm
RedHat9ppc64lelibradosstriper1< 16.2.10-248.el9cplibradosstriper1-16.2.10-248.el9cp.ppc64le.rpm
RedHat9s390xpython3-rgw< 16.2.10-248.el9cppython3-rgw-16.2.10-248.el9cp.s390x.rpm
RedHat9s390xcephfs-mirror-debuginfo< 16.2.10-248.el9cpcephfs-mirror-debuginfo-16.2.10-248.el9cp.s390x.rpm
RedHat8s390xrbd-mirror< 16.2.10-248.el8cprbd-mirror-16.2.10-248.el8cp.s390x.rpm
RedHat9s390xceph-resource-agents< 16.2.10-248.el9cpceph-resource-agents-16.2.10-248.el9cp.s390x.rpm
RedHat8ppc64lelibradosstriper1< 16.2.10-248.el8cplibradosstriper1-16.2.10-248.el8cp.ppc64le.rpm
Rows per page:
1-10 of 3451

Related

nessus 5
cve 2
redhatcve 2
cvelist 2
cbl_mariner 1
veracode 1
redhat 2
ubuntucve 1
nvd 2
vulnrichment 1
prion 1
ubuntu 1
openvas 2
amazon 1
osv 2
ibm 3
cnvd 1
debiancve 1
debian 1
nessus
nessus
RHEL 8 / 9 : Red Hat Ceph Storage 5.3 Security update (Moderate) (RHSA-2024:0745)
2024-02-09 00:00:00
RHEL 9 : Red Hat Ceph Storage 6.1 (RHSA-2023:5693)
2023-10-12 00:00:00
Amazon Linux 2 : ceph-common (ALAS-2023-2297)
2023-10-20 00:00:00
cve
cve
CVE-2023-46159
2024-02-02 03:15:09
CVE-2023-43040
2024-05-14 13:46:23
redhatcve
redhatcve
CVE-2023-46159
2024-02-08 12:36:39
CVE-2023-43040
2023-09-27 06:24:45
cvelist
cvelist
CVE-2023-46159 IBM Storage Ceph denial of service
2024-02-02 02:28:51
CVE-2023-43040 IBM Spectrum Fusion HCI improper access control
2024-05-13 02:18:30
cbl_mariner
cbl_mariner
CVE-2023-43040 affecting package ceph for versions less than 16.2.10-4
2024-06-12 22:23:00
veracode
veracode
Improper Access Control
2023-10-10 03:23:18
redhat
redhat
(RHSA-2023:5693) Moderate: Red Hat Ceph Storage 6.1 security, enhancement, and bug fix update
2023-10-12 16:11:56
(RHSA-2023:6832) Important: Red Hat OpenShift Data Foundation 4.14.0 security, enhancement & bug fix update
2023-11-08 18:47:43
ubuntucve
ubuntucve
CVE-2023-43040
2023-09-27 00:00:00
nvd
nvd
CVE-2023-43040
2024-05-14 13:46:23
CVE-2023-46159
2024-02-02 03:15:09
vulnrichment
vulnrichment
CVE-2023-43040 IBM Spectrum Fusion HCI improper access control
2024-05-13 02:18:30
prion
prion
Code injection
2024-02-02 03:15:00
ubuntu
ubuntu
Ceph vulnerability
2024-01-29 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6613-1)
2024-01-30 00:00:00
Debian: Security Advisory (DLA-3629-1)
2023-10-24 00:00:00
amazon
amazon
Medium: ceph-common
2023-10-12 15:09:00
osv
osv
ceph vulnerability
2024-01-29 18:08:52
ceph - security update
2023-10-23 00:00:00
ibm
ibm
Security Bulletin: IBM Storage Ceph is vulnerable to Uncontrolled Resource Consumption in Ceph (CVE-2023-46159)
2024-01-18 21:15:03
Security Bulletin: IBM Storage Ceph is vulnerable to Uncontrolled Resource Consumption in Ceph (CVE-2023-46159)
2024-01-26 22:04:48
Security Bulletin: IBM Storage Fusion HCI is vulnerable to unauthorized access due to a flaw in Ceph RGW.
2024-05-11 16:52:48
cnvd
cnvd
IBM Storage Ceph Input Validation Error Vulnerability
2024-02-22 00:00:00
debiancve
debiancve
CVE-2023-43040
2024-05-14 13:46:23
debian
debian
[SECURITY] [DLA 3629-1] ceph security update
2023-10-23 16:59:44

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.2%

JSON
Related for RHSA-2024:0745
nessus5cve2redhatcve2cvelist2cbl_mariner1veracode1redhat2ubuntucve1nvd2vulnrichment1prion1ubuntu1openvas2amazon1osv2ibm3cnvd1debiancve1debian1