Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat ceph storage 3.0 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2018-19039
Grafana prior to 4.6.5 and 5.x prior to 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
Grafana Grafana
Redhat Enterprise Linux Workstation 7.0
Redhat Ceph Storage 3.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Netapp Active Iq Performance Analytics Services -
Netapp Storagegrid Webscale Nas Bridge -
3.6
CVSSv2
CVE-2020-27781
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved vi...
Redhat Ceph
Redhat Ceph Storage 3.0
Redhat Ceph Storage 2.0
Redhat Openshift Container Platform 4.0
Redhat Ceph Storage 4.0
Redhat Openstack Platform 13.0
Fedoraproject Fedora 33
2.7
CVSSv2
CVE-2018-14662
It was found Ceph versions prior to 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.
Redhat Ceph
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.0
Redhat Ceph Storage 2.0
Redhat Ceph Storage 3.0
Redhat Enterprise Linux Server 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
2.1
CVSSv2
CVE-2020-25677
A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information within this file. The highest threat from this vulnerability is to confidentiality.
Ceph Ceph-ansible 4.0.41
Redhat Ceph Storage 3.0
Redhat Ceph Storage 4.0
2.1
CVSSv2
CVE-2020-12458
An information-disclosure flaw was found in Grafana up to and including 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource p...
Grafana Grafana
Redhat Ceph Storage 3.0
Redhat Enterprise Linux 8.0
Redhat Ceph Storage 4.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
2.1
CVSSv2
CVE-2013-2164
The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel up to and including 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive.
Linux Linux Kernel 3.0.37
Linux Linux Kernel 3.0.38
Linux Linux Kernel 3.2.12
Linux Linux Kernel 3.2.13
Linux Linux Kernel 3.1
Linux Linux Kernel 3.0.60
Linux Linux Kernel 3.0.64
Linux Linux Kernel 3.0
Linux Linux Kernel 3.0.52
Linux Linux Kernel 3.0.45
Linux Linux Kernel 3.0.47
Linux Linux Kernel 3.0.23
Linux Linux Kernel 3.0.20
Linux Linux Kernel 3.0.15
Linux Linux Kernel 3.0.12
Linux Linux Kernel 3.1.9
Linux Linux Kernel 3.1.8
Linux Linux Kernel 3.1.7
Linux Linux Kernel 3.2
Linux Linux Kernel 3.0.27
Linux Linux Kernel 3.0.34
Linux Linux Kernel 3.0.5
1.9
CVSSv2
CVE-2020-10685
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x prior to 2.7.17 and 2.8.x prior to 2.8.11 and 2.9.x prior to 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as ass...
Redhat Ansible Tower
Redhat Ansible Engine
Redhat Ceph Storage 3.0
Redhat Openstack 10
Redhat Ceph Storage 2.0
Redhat Storage 3.0
Redhat Openstack 13
Redhat Openstack 15
Debian Debian Linux 10.0
NA
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
8 Github repositories
1 Article
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
NA
CVE-2022-3854
A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service.
Redhat Ceph Storage 3.0
Redhat Ceph Storage 4.0
Redhat Ceph Storage 5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »