CVE-2016-7031
ceph: RGW permits bucket listing when authenticated_users=read
Severity Score: 7.5 (CVSS v3)
Exploit Likelihood: - (EPSS)
Affected Versions: see the CPE table below
Public Exploits: 1 (multiple sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)
Descriptions
The RGW code in Ceph before 10.0.1, when the authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL.
A flaw was found in the Ceph RGW code that allows an anonymous user to list the contents of an RGW bucket by bypassing an ACL that should only allow authenticated users to list the bucket's contents.
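The ACL evaluation at the heart of this bug, as an added illustration: this is not Ceph's RGW source and does not reproduce the project's fix in pull request 6057; the Grant/evaluate/can_list_bucket names and the permission-bit constants are this example's own. It models the S3 canned ACLs that RGW implements (private, public-read, authenticated-read) and shows how a group check that lets an anonymous caller match the AuthenticatedUsers group turns authenticated-read into public-read for bucket listing, next to the corrected check.

```python
"""Model of the S3-style ACL check behind CVE-2016-7031 (added example, not Ceph code)."""
from dataclasses import dataclass
from typing import List, Optional

# Standard S3 group URIs that RGW honours in ACL grants.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTHENTICATED_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"

# Permission bits in the spirit of S3 ACLs; FULL_CONTROL is the union.
READ, WRITE, READ_ACP, WRITE_ACP = 1, 2, 4, 8
FULL_CONTROL = READ | WRITE | READ_ACP | WRITE_ACP

# A request with no credentials (no Authorization header / signature).
ANONYMOUS = None


@dataclass(frozen=True)
class Grant:
    grantee: str          # canonical user id, or one of the group URIs above
    perm: int
    is_group: bool = False


def canned_acl(name: str, owner: str) -> List[Grant]:
    """The three canned ACLs relevant here, as S3 defines them."""
    owner_grant = Grant(owner, FULL_CONTROL)
    if name == "private":
        return [owner_grant]
    if name == "public-read":
        return [owner_grant, Grant(ALL_USERS, READ, is_group=True)]
    if name == "authenticated-read":
        return [owner_grant, Grant(AUTHENTICATED_USERS, READ, is_group=True)]
    raise ValueError(f"unknown canned ACL {name!r}")


def _group_matches(group: str, user: Optional[str], vulnerable: bool) -> bool:
    """Does the requesting principal belong to this ACL group?

    The flaw: AuthenticatedUsers was satisfied by every caller, including an
    anonymous one, so it behaved like AllUsers. The corrected branch requires
    a real (non-anonymous) principal.
    """
    if group == ALL_USERS:
        return True
    if group == AUTHENTICATED_USERS:
        if vulnerable:
            return True                 # vulnerable: anonymous passes too
        return user is not ANONYMOUS    # fixed: must be authenticated
    return False


def evaluate(acl: List[Grant], user: Optional[str], want: int, vulnerable: bool = False) -> bool:
    """Return True if `user` holds every bit in `want` under `acl`."""
    perm = 0
    for g in acl:
        if g.is_group:
            if _group_matches(g.grantee, user, vulnerable):
                perm |= g.perm
        elif user is not ANONYMOUS and g.grantee == user:
            perm |= g.perm
    return perm & want == want


def can_list_bucket(canned: str, user: Optional[str], vulnerable: bool = False) -> bool:
    """Bucket listing (GET /<bucket>/) requires READ on the bucket ACL."""
    return evaluate(canned_acl(canned, owner="owner-id"), user, READ, vulnerable)


def triage_matrix(vulnerable: bool) -> dict:
    """Listing outcome per (canned ACL, caller) for the given code behaviour."""
    callers = {"anonymous": ANONYMOUS, "owner": "owner-id", "other-user": "alice"}
    return {(acl, who): can_list_bucket(acl, uid, vulnerable)
            for acl in ("private", "public-read", "authenticated-read")
            for who, uid in callers.items()}


if __name__ == "__main__":
    # Live check against a gateway (not performed here): an unsigned
    # GET /<bucket>/ on an authenticated-read bucket should return 403
    # AccessDenied; a 200 with a <ListBucketResult> body means affected.
    for label, vuln in (("before fix", True), ("after fix", False)):
        print(label)
        for (acl, who), ok in sorted(triage_matrix(vuln).items()):
            print(f"  {acl:19} {who:10} list={'allowed' if ok else 'denied'}")
```

Only the authenticated-read row differs between the two runs: before the fix the anonymous caller can list it, after the fix only the owner and other authenticated users can, which is exactly the distinction the advisory describes.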
*Credits:
N/A
CVSS Scores
- CVSS v3 base score: 7.5; metric breakdown (Attack Vector, Attack Complexity, Privileges Required, User Interaction, Scope, Confidentiality, Integrity, Availability) not populated on this page
- CVSS v2: metric breakdown (Attack Vector, Attack Complexity, Authentication, Confidentiality, Integrity, Availability) not populated on this page
* Common Vulnerability Scoring System
SSVC
- Decision: - (Exploitation, Automatable and Technical Impact not populated on this page)
* Organization's Worst-case Scenario
Timeline
- 2016-08-23 CVE Reserved
- 2016-09-29 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- not recorded: Exploited in Wild
- not recorded: KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-254: 7PK - Security Features
References (8)
URL | Tag | Date
---|---|---
http://www.securityfocus.com/bid/93240 | Vdb Entry | -
http://tracker.ceph.com/issues/13207 | - | 2024-08-06
https://github.com/ceph/ceph/pull/6057 | - | 2016-11-28
http://docs.ceph.com/docs/master/release-notes/#v10-0-1 | - | 2016-11-28
http://rhn.redhat.com/errata/RHSA-2016-1972.html | - | 2016-11-28
http://rhn.redhat.com/errata/RHSA-2016-1973.html | - | 2016-11-28
https://access.redhat.com/security/cve/CVE-2016-7031 | - | 2016-09-29
https://bugzilla.redhat.com/show_bug.cgi?id=1372446 | - | 2016-09-29
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Ceph Project | Ceph | <= 10.0.0 | - | Affected
Redhat | Ceph Storage | <= 1.3.2 | - | Affected