CVE-2019-10222 | xxxCVE-2019-10222 – xxx
菜单






CVE-2019-10222

九月 30, 2020 - 未分类

  1. CVE-Search
  2. CVE-2019-10222
ID CVE-2019-10222
SummaryA flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
References
Vulnerable Configurations
  • cpe:2.3:a:ceph:ceph:-:*:*:*:*:*:*:*
    cpe:2.3:a:ceph:ceph:-:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:ceph_storage:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:ceph_storage:3.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 01-10-2020 – 16:54)
Impact:
Exploitability:
CWECWE-755
CAPEC

    Access
    VectorComplexityAuthentication
    NETWORKLOWNONE
    Impact
    ConfidentialityIntegrityAvailability
    NONENONEPARTIAL
    cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
    redhat via4
    rpms
    • ceph-base-2:12.2.12-48.el7cp
    • ceph-common-2:12.2.12-48.el7cp
    • ceph-debuginfo-2:12.2.12-48.el7cp
    • ceph-fuse-2:12.2.12-48.el7cp
    • ceph-mds-2:12.2.12-48.el7cp
    • ceph-mgr-2:12.2.12-48.el7cp
    • ceph-mon-2:12.2.12-48.el7cp
    • ceph-osd-2:12.2.12-48.el7cp
    • ceph-radosgw-2:12.2.12-48.el7cp
    • ceph-selinux-2:12.2.12-48.el7cp
    • ceph-test-2:12.2.12-48.el7cp
    • libcephfs-devel-2:12.2.12-48.el7cp
    • libcephfs2-2:12.2.12-48.el7cp
    • librados-devel-2:12.2.12-48.el7cp
    • librados2-2:12.2.12-48.el7cp
    • libradosstriper1-2:12.2.12-48.el7cp
    • librbd-devel-2:12.2.12-48.el7cp
    • librbd1-2:12.2.12-48.el7cp
    • librgw-devel-2:12.2.12-48.el7cp
    • librgw2-2:12.2.12-48.el7cp
    • python-cephfs-2:12.2.12-48.el7cp
    • python-rados-2:12.2.12-48.el7cp
    • python-rbd-2:12.2.12-48.el7cp
    • python-rgw-2:12.2.12-48.el7cp
    • rbd-mirror-2:12.2.12-48.el7cp
    refmap via4
    confirm https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10222
    misc https://tracker.ceph.com/issues/40018
    Last major update01-10-2020 – 16:54
    Published08-11-2019 – 15:15
    Last modified01-10-2020 – 16:54







    Notice: Undefined variable: canUpdate in /var/www/html/wordpress/wp-content/plugins/wp-autopost-pro/wp-autopost-function.php on line 51