CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-3524 – gateway: radosgw: CRLF injection
https://notcve.org/view.php?id=CVE-2021-3524
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. In addition, the prior bug fix for CVE-2020-10753 did not account for the use of \r as a header separator, thus a new flaw has been created. Se encontró un fallo en Red Hat Ceph Storage RadosGW (Ceph Object Gateway) en versiones anteriores a la 14.2.21. • https://bugzilla.redhat.com/show_bug.cgi?id=1951674 https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FX5ZHI5L7FOHXOSEV3TYBAL66DMLJ7V5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LPCJN2YDZCBMF4FOJXSTAADKFGEQEO7O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message&#x • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 8.0EPSS: 0%CPEs: 6EXPL: 0CVE-2021-20288 – ceph: Unauthorized global_id reuse in cephx
https://notcve.org/view.php?id=CVE-2021-20288
An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo de autenticación en ceph en versiones anteriores a 14.2.20. • https://bugzilla.redhat.com/show_bug.cgi?id=1938031 https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/362CEPPYF3YMJZBEJQUT3KDE2EHYYIYQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BPIAYTRCWAU4XWCDBK2THEFVXSC4XGK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVWUKUUS5BCIFWRV3JCUQMAPJ4HIWSED https://security.gentoo.org/glsa/202105-39 ht • CWE-287: Improper Authentication •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2020-25678 – ceph: mgr modules' passwords are in clear text in mgr logs
https://notcve.org/view.php?id=CVE-2020-25678
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible. Se encontró un fallo en ceph en versiones anteriores a 16.yz, donde ceph almacena contraseñas del módulo mgr en texto sin cifrar. Esto puede ser encontrado al buscar en los registros mgr para grafana y dashboard, con contraseñas visibles A flaw was found in Ceph where Ceph stores mgr module passwords in clear text. This issue can be found by searching the mgr logs for Grafana and dashboard, with passwords visible. • https://bugzilla.redhat.com/show_bug.cgi?id=1892109 https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OQTBKVXVYP7GPQNZ5VASOIJHMLK7727M https://security.gentoo.org/glsa/202105-39 https://tracker.ceph.com/issues/37503 https://access.redhat.com/security/cve/CVE-2020-25678 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2020-27781 – ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
https://notcve.org/view.php?id=CVE-2020-27781
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface drivers. Then, all users of the requesting OpenStack project can view the access key. This enables the attacker to target any resource that the user has access to. • https://bugzilla.redhat.com/show_bug.cgi?id=1900109 https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJ7FFROL25FYRL6FMI33VRKOD74LINRP https://security.gentoo.org/glsa/202105-39 https://access.redhat.com/security/cve/CVE-2020-27781 • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-25677 – ceph-ansible: insecure ownership on /etc/ceph/iscsi-gateway.conf configuration file
https://notcve.org/view.php?id=CVE-2020-25677
A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information within this file. The highest threat from this vulnerability is to confidentiality. Se ha encontrado un fallo en Ceph-ansible v4.0.41 en el que se crea un archivo /etc/ceph/iscsi-gateway.conf con permisos inseguros por defecto. Este fallo permite a cualquier usuario del sistema leer información sensible dentro de este archivo. • https://bugzilla.redhat.com/show_bug.cgi?id=1892108 https://access.redhat.com/security/cve/CVE-2020-25677 • CWE-312: Cleartext Storage of Sensitive Information •