Lucene search
Redhat.comRH:CVE-2018-10861HistoryAug 14, 2021 - 10:35 p.m.
CVE-2018-10861
2021-08-1422:35:41
redhat.com
access.redhat.com
11
0.004 Low
EPSS
Percentile
75.1%
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images
Mitigation
Use mon_allow_pool_delete = false in ceph.conf to disable deletion of pools
~]$ for p in rados lspools
do
ceph osd pool set $p nodelete true
done
caveat: This mitigation does not protect against attacker from corrupting snapshot images
Related
nessus
nessus
Photon OS 2.0: Ceph PHSA-2018-2.0-0104
2019-02-07 00:00:00
SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2018:2478-1)
2018-08-23 00:00:00
SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2018:2193-1)
2018-08-06 00:00:00
debiancve
debiancve
CVE-2018-10861
2018-07-10 14:29:00
photon
photon
osv
osv
CVE-2018-10861
2018-07-10 14:29:00
ceph - security update
2018-11-13 00:00:00
prion
prion
Design/Logic Flaw
2018-07-10 14:29:00
ubuntucve
ubuntucve
CVE-2018-10861
2018-07-10 00:00:00
veracode
veracode
Authorization Bypass
2019-01-15 09:24:15
nvd
nvd
CVE-2018-10861
2018-07-10 14:29:00
cve
cve
CVE-2018-10861
2018-07-10 14:29:00
cvelist
cvelist
CVE-2018-10861
2018-07-09 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:2478-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:2193-1)
2021-06-09 00:00:00
Fedora Update for ceph FEDORA-2018-8738f5f4a7
2018-08-07 00:00:00
redhat
redhat
fedora
fedora
[SECURITY] Fedora 28 Update: ceph-12.2.6-1.fc28
2018-07-18 18:32:39
[SECURITY] Fedora 27 Update: ceph-12.2.7-1.fc27
2018-08-07 00:12:20
suse
suse
Security update for ceph (important)
2018-08-10 03:07:22
Security update for ceph (moderate)
2019-04-28 00:00:00