CVE-2020-10753

Related Files

Gentoo Linux Security Advisory 202105-39

Posted May 27, 2021

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202105-39 - Multiple vulnerabilities have been found in Ceph, the worst of which could result in privilege escalation. Versions less than 14.2.21 are affected.

tags | advisory, vulnerability

systems | linux, gentoo

advisories | CVE-2020-10753, CVE-2020-1759, CVE-2020-1760, CVE-2020-25660, CVE-2020-25678, CVE-2020-27781, CVE-2021-20288

MD5 | d9c394d2cb2d7f6645bb6b9ed70f12a0

Download | Favorite | View

Ubuntu Security Notice USN-4706-1

Posted Jan 28, 2021

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4706-1 - Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An authenticated user could use this vulnerability to modify the configuration and possibly conduct further attacks. Adam Mohammed found that Ceph Object Gateway was vulnerable to HTTP header injection via a CORS ExposeHeader tag. An attacker could use this to gain access or cause a crash. Various other issues were also addressed.

tags | advisory, web

systems | linux, ubuntu

advisories | CVE-2020-10736, CVE-2020-10753, CVE-2020-25660

MD5 | bebf402244a4c2e679e813eb9b40b74c

Download | Favorite | View

Ubuntu Security Notice USN-4528-1

Posted Sep 22, 2020

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4528-1 - Adam Mohammed discovered that Ceph incorrectly handled certain CORS ExposeHeader tags. A remote attacker could possibly use this issue to perform an HTTP header injection attack. Lei Cao discovered that Ceph incorrectly handled certain POST requests with invalid tagging XML. A remote attacker could possibly use this issue to cause Ceph to crash, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, remote, web, denial of service

systems | linux, ubuntu

advisories | CVE-2020-10753, CVE-2020-12059, CVE-2020-1760

MD5 | fab54bac4dc3199926f75767984dd1fa

Download | Favorite | View

Red Hat Security Advisory 2020-3504-01

Posted Aug 19, 2020

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3504-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

tags | advisory

systems | linux, redhat

advisories | CVE-2020-10753

MD5 | 00f438aac9ab60fd59f9b679de123585

Download | Favorite | View

Red Hat Security Advisory 2020-3505-01

Posted Aug 19, 2020

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3505-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.

tags | advisory

systems | linux, redhat

advisories | CVE-2020-10753

MD5 | 078295f3dad4e45b25caef5f5b6ff16a

Download | Favorite | View

Red Hat Security Advisory 2020-3003-01

Posted Jul 20, 2020

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3003-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss

systems | linux, redhat

advisories | CVE-2020-10753, CVE-2020-1760

MD5 | fc492b96cd3af3b2842f919f6ccc0fea

Download | Favorite | View