vulnerability
Red Hat: CVE-2019-10222: Important: ceph security update (RHSA-2019:2577)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Nov 8, 2019 | Mar 2, 2020 | Jan 30, 2023 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Nov 8, 2019
Added
Mar 2, 2020
Modified
Jan 30, 2023
Description
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
Solutions
redhat-upgrade-ceph-baseredhat-upgrade-ceph-commonredhat-upgrade-ceph-debuginforedhat-upgrade-ceph-fuseredhat-upgrade-ceph-mdsredhat-upgrade-ceph-radosgwredhat-upgrade-ceph-selinuxredhat-upgrade-libcephfs-develredhat-upgrade-libcephfs2redhat-upgrade-librados-develredhat-upgrade-libradosstriper1redhat-upgrade-librbd-develredhat-upgrade-librgw-develredhat-upgrade-librgw2redhat-upgrade-python-cephfsredhat-upgrade-python-rgwredhat-upgrade-rbd-mirror
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.