CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-52555 – CephFS Permission Escalation Vulnerability in Ceph Fuse mounted FS
https://notcve.org/view.php?id=CVE-2025-52555
26 Jun 2025 — Ceph is a distributed object, block, and file storage platform. In versions 17.2.7, 18.2.1 through 18.2.4, and 19.0.0 through 19.2.2, an unprivileged user can escalate to root privileges in a ceph-fuse mounted CephFS by chmod 777 a directory owned by root to gain access. The result of this is that a user could read, write and execute to any directory owned by root as long as they chmod 777 it. This impacts confidentiality, integrity, and availability. It is patched in versions 17.2.8, 18.2.5, and 19.2.3. • https://github.com/ceph/ceph/pull/60314 • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48916 – Ceph is vulnerable to authentication bypass through RadosGW
https://notcve.org/view.php?id=CVE-2024-48916
09 Dec 2024 — Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send an JWT that has "none" as JWT alg. And by doing so the JWT signature is not checked. The vulnerability is most likely in the RadosGW OIDC provider. As of time of publication, a known patched version has yet to be published. • https://github.com/ceph/ceph/security/advisories/GHSA-5g9m-mmp6-93mq • CWE-345: Insufficient Verification of Data Authenticity •