vulnerability

Ubuntu: USN-4035-1 (CVE-2019-3821): Ceph vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Mar 27, 2019	Jun 25, 2019	Mar 27, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Mar 27, 2019

Added

Jun 25, 2019

Modified

Mar 27, 2026

Description

A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in a remote denial of service.

Solutions

ubuntu-upgrade-cephubuntu-upgrade-ceph-common

References

CVE-2019-3821
https://attackerkb.com/topics/CVE-2019-3821
CWE-772
EUVD-EUVD-2019-13444
NVD-CVE-2019-3821
UBUNTU-USN-4035-1
https://euvd.enisa.europa.eu/vulnerability/EUVD-2019-13444

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today