admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-30 18:21:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2018/CVE-2018-108xx/CVE-2018-10861.json

367 lines
12 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2018-10861",
"sourceIdentifier": "secalert@redhat.com",
"published": "2018-07-10T14:29:00.213",
"lastModified": "2019-10-09T23:33:05.587",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected."
},
{
"lang": "es",
"value": "Se ha encontrado un error en la forma en la que ceph mon maneja las peticiones de usuario. Cualquier usuario de ceph autenticado que tenga acceso de lectura en ceph puede eliminar, crear pools de almacenamiento de ceph y corromper im\u00e1genes instant\u00e1neas. Se cree que las ramas de ceph master, mimic, luminous y jewel se han visto afectadas."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8901022A-8A84-494A-A5BF-358F2CBBDFFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76788B0A-7776-4D0C-B0D7-C855E9A0231E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A925DB4-83DC-45D1-A48B-1675A111213B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D22BA440-CB28-445C-A7F8-CBD6E8965B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A503C653-AFEB-4E5A-872B-AD033C0E2259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7C00462A-A1B8-42A7-9336-DE1BF5510B6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3505D4E2-4EA8-40A4-A57C-46CCA9922EF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "09EC481B-79F0-41DB-B95F-D1A221C96F4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "31F159B5-AF02-48BE-B994-749F21B9D362"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D9684039-7938-405D-B833-4C54BFBD6476"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8FAE4350-8F39-4E78-AB25-17DE76FD57AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:10.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2369D2-4413-447C-A0A8-84CA37B1F5B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:12.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3515BF53-4921-462F-820E-B842BB3FF066"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:12.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "48067E54-26F5-4020-BCEA-A65C2536618B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:12.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A86B91-78C3-4D02-B7C8-11AAFB1CCCEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:12.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBD084F-4A0B-4231-8465-61F8BE5E57F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:12.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0885F67A-E01B-4BF2-A760-D452B55C5F69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:12.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9D95E9-52F3-459C-89AD-6FCA6A975085"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:12.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "087C6821-9A77-4CC8-8AA0-2C51414D9B58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:12.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A667C6AF-76D4-4192-A8BF-395F368EFAE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:13.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13BF6806-6E69-4172-9260-2E97FB253339"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ceph:ceph:13.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAE0EE4-BBE9-4DBD-84CC-9A72E97E73E6"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:ceph_storage:3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9184616-421F-4EA9-AC1A-A4C95BBAAC99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:ceph_storage_mon:2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C2EBAD9-F0D5-4176-9C4D-001B230E699E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:ceph_storage_mon:3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2F9BA8-FE0A-43DE-A756-C35A24C3D96E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:ceph_storage_osd:2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5F5227-DBDA-4C01-BF7C-4D53F455404F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:ceph_storage_osd:3:*:*:*:*:*:*:*",
"matchCriteriaId": "A80BACB5-7A56-4BC6-9261-58A3860F4E8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://tracker.ceph.com/issues/24838",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/104742",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:2177",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:2179",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:2261",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:2274",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc",
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2018/dsa-4339",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue Copy Permalink