Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.1
CVSSv3

CVE-2022-0670

Published: 25/07/2022 Updated: 07/11/2023
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Ceph

Vulnerability Summary

A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an malicious user to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linuxfoundation ceph

redhat ceph storage

fedoraproject fedora 35

fedoraproject fedora 36

Vendor Advisories

Debian CVElist Bug Report Logs: ceph: CVE-2022-0670
Debian Bug report logs - #1016069 ceph: CVE-2022-0670 Package: src:ceph; Maintainer for src:ceph is Ceph Packaging Team <team+ceph@trackerdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Tue, 26 Jul 2022 11:21:04 UTC Severity: important Tags: security Reply or subscribe to this bug Toggle u ...
Red Hat: Moderate: Red Hat Ceph Storage Security, Bug Fix, and Enhancement Update
Synopsis Moderate: Red Hat Ceph Storage Security, Bug Fix, and Enhancement Update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update is now available for Red Hat Ceph Storage 52Red Hat Product Security has rated t ...
Red Hat: Moderate: New container image for Red Hat Ceph Storage 5.2 Security update
Synopsis Moderate: New container image for Red Hat Ceph Storage 52 Security update Type/Severity Security Advisory: Moderate Topic A new container image for Red Hat Ceph Storage 52 is now available in the Red Hat Ecosystem CatalogRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability ...
Red Hat: Important: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update
Synopsis Important: Red Hat OpenShift Data Foundation 4110 security, enhancement, & bugfix update Type/Severity Security Advisory: Important Topic Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4110 on Red Hat Enterprise Linux 8Red Hat Product Securit ...
Red Hat: Important: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update
Synopsis Important: Red Hat OpenShift Data Foundation 4130 security and bug fix update Type/Severity Security Advisory: Important Topic Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4130 on Red Hat Enterprise Linux 9Red Hat ...

References

NVD-CWE-noinfohttps://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3XMDFZWA2FWU6GAYOVSFJPOUTXN42N/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRTTRG5O4YP2TNGDCDOHIHP2DM3DFBT/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016069https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991CVE-2024-32674path traversalCVE-2023-21987denial of servicedosCVE-2024-4647CVE-2024-25519CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook