vulnerability
CentOS Linux: CVE-2019-10222: Important: ceph security update (CESA-2019:2577)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Nov 8, 2019 | Mar 2, 2020 | May 25, 2023 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Nov 8, 2019
Added
Mar 2, 2020
Modified
May 25, 2023
Description
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
Solutions
centos-upgrade-ceph-basecentos-upgrade-ceph-commoncentos-upgrade-ceph-debuginfocentos-upgrade-ceph-fusecentos-upgrade-ceph-mdscentos-upgrade-ceph-radosgwcentos-upgrade-ceph-selinuxcentos-upgrade-libcephfs-develcentos-upgrade-libcephfs2centos-upgrade-librados-develcentos-upgrade-libradosstriper1centos-upgrade-librbd-develcentos-upgrade-librgw-develcentos-upgrade-librgw2centos-upgrade-python-cephfscentos-upgrade-python-rgwcentos-upgrade-rbd-mirror
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.