CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-1699
https://notcve.org/view.php?id=CVE-2020-1699
A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated attacker could use this flaw to cause information disclosure on the host machine running the Ceph dashboard. Se encontró un fallo de Salto de Ruta en el panel de control de Ceph implementado en las versiones anteriores a la versión v14.2.5, v14.2.6, v15.0.0 del almacenamiento de Ceph y se ha corregido en las versiones 14.2.7 y 15.1.0. Un atacante no autenticado podría usar este fallo para causar una divulgación de información en la máquina host que ejecuta el panel de control de Ceph. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1699 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-1759
https://notcve.org/view.php?id=CVE-2020-1759
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. Se detectó una vulnerabilidad en Red Hat Ceph Storage versión 4 y Red Hat Openshift Container Storage versión 4.2 donde, se detectó una vulnerabilidad de reutilización de nonce en el modo seguro del protocolo de messenger v2, que puede permitir a un atacante falsificar etiquetas de autenticación y potencialmente manipular los datos al aprovechar la reutilización de un nonce en una sesión. Los mensajes cifrados usando un valor nonce reutilizado, son susceptibles de serios ataques de confidencialidad e integridad. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1759 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE https://security.gentoo.org/glsa/202105-39 • CWE-323: Reusing a Nonce, Key Pair in Encryption CWE-330: Use of Insufficiently Random Values •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-16889 – ceph: debug logging for v4 auth does not sanitize encryption keys
https://notcve.org/view.php?id=CVE-2018-16889
Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable. Ceph no sanea de manera correcta las claves de cifrado en registros de depuración para autenticaciones v4. Esto resulta en el filtrado de información sobre las claves de cifrado en los archivos de registro mediante texto plano. • http://www.securityfocus.com/bid/106528 https://access.redhat.com/errata/RHSA-2019:2538 https://access.redhat.com/errata/RHSA-2019:2541 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16889 https://usn.ubuntu.com/4035-1 https://access.redhat.com/security/cve/CVE-2018-16889 https://bugzilla.redhat.com/show_bug.cgi?id=1665334 • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-312: Cleartext Storage of Sensitive Information CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.7EPSS: 0%CPEs: 10EXPL: 0CVE-2018-14662 – ceph: authenticated user with read only permissions can steal dm-crypt / LUKS key
https://notcve.org/view.php?id=CVE-2018-14662
It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption. En Ceph en versiones anteriores a la 13.2.4, se ha detectado que los usuarios ceph autenticados con permisos de solo lectura podrían robar las claves de cifrado dm-crypt empleadas durante el cifrado de disco ceph. It was found that authenticated ceph user with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html https://access.redhat.com/errata/RHSA-2019:2538 https://access.redhat.com/errata/RHSA-2019:2541 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14662 https://ceph.com/releases/13-2-4-mimic-released https://lists.debian.org/debian-lts-announce/2019/03/msg00002.html https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html https://usn.ubuntu.com/4035-1 https://access.redhat.com/securi • CWE-285: Improper Authorization CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2018-16846 – ceph: ListBucket max-keys has no defined limit in the RGW codebase
https://notcve.org/view.php?id=CVE-2018-16846
It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices. Se ha detectado en Ceph, en versiones anteriores a la 13.2.4, que los usuarios ceph RGW autenticados pueden provocar una denegación de servicio (DoS) contra los índices OMAP de depósito de retención. A flaw was found in the way the ListBucket function max-keys has no defined limit in the RGW codebase. An authenticated ceph RGW user can cause a denial of service attack against OMAPs holding bucked indices. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html https://access.redhat.com/errata/RHSA-2019:2538 https://access.redhat.com/errata/RHSA-2019:2541 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16846 https://ceph.com/releases/13-2-4-mimic-released https://lists.debian.org/debian-lts-announce/2019/03/msg00002.html https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html https://usn.ubuntu.com/4035-1 https://access.redhat.com/securi • CWE-770: Allocation of Resources Without Limits or Throttling •