vulnerability
SUSE: CVE-2020-10736: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:A/AC:L/Au:S/C:P/I:P/A:P) | Jun 22, 2020 | Feb 4, 2022 | Feb 4, 2022 |
Severity
5
CVSS
(AV:A/AC:L/Au:S/C:P/I:P/A:P)
Published
Jun 22, 2020
Added
Feb 4, 2022
Modified
Feb 4, 2022
Description
An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. This flaw allows an authenticated client to modify the configuration and possibly conduct further attacks.
Solution(s)
suse-upgrade-ceph-commonsuse-upgrade-libcephfs-develsuse-upgrade-libcephfs2suse-upgrade-librados-develsuse-upgrade-librados2suse-upgrade-libradospp-develsuse-upgrade-librbd-develsuse-upgrade-librbd1suse-upgrade-librgw-develsuse-upgrade-librgw2suse-upgrade-python3-ceph-argparsesuse-upgrade-python3-ceph-commonsuse-upgrade-python3-cephfssuse-upgrade-python3-radossuse-upgrade-python3-rbdsuse-upgrade-python3-rgwsuse-upgrade-rados-objclass-develsuse-upgrade-rbd-nbd
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.