Published: 21/04/2020 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated attacker could use this flaw to cause information disclosure on the host machine running the Ceph dashboard.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linuxfoundation ceph 14.2.5
linuxfoundation ceph 14.2.6
linuxfoundation ceph 15.0.0
redhat ceph storage 4.0

Debian Bug report logs - #949206 ceph: CVE-2020-1699: improper URL checking might expose sensitive information Package: src:ceph; Maintainer for src:ceph is Ceph Packaging Team <team+ceph@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 18 Jan 2020 07:51:01 UTC Severity: grave Tag ...

Results of analysis to identify fix revisions of vulnerabilities Description This data set consists of the results of analysis done by our tool The tool automatically collect vulnerability information from NVD and do following analysis Identifiyng repository The tool identifies source code repository of the product mentioned in description of the vulnerability Identifyin

CWE-22 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1699 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949206 https://nvd.nist.gov

CVE-2020-1699

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect