The RGW code in Ceph prior to 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote malicious users to list the bucket contents via a URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ceph project ceph |
||
redhat ceph storage |