{"containers": {"cna": {"affected": [{"product": "ceph", "vendor": "Red Hat, Inc.", "versions": [{"status": "affected", "version": "all versions in branches master, mimic, luminous and jewel"}]}], "datePublic": "2018-07-09T00:00:00", "descriptions": [{"lang": "en", "value": "A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-285", "description": "CWE-285", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-04-27T23:06:03", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2018:2261", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2261"}, {"name": "RHSA-2018:2177", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2177"}, {"name": "RHSA-2018:2179", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2179"}, {"name": "RHSA-2018:2274", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2274"}, {"name": "104742", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104742"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc"}, {"name": "DSA-4339", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4339"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://tracker.ceph.com/issues/24838"}, {"name": "openSUSE-SU-2019:1284", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "DATE_PUBLIC": "2018-07-09T00:00:00", "ID": "CVE-2018-10861", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ceph", "version": {"version_data": [{"version_value": "all versions in branches master, mimic, luminous and jewel"}]}}]}, "vendor_name": "Red Hat, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-285"}]}]}, "references": {"reference_data": [{"name": "RHSA-2018:2261", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2261"}, {"name": "RHSA-2018:2177", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2177"}, {"name": "RHSA-2018:2179", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2179"}, {"name": "RHSA-2018:2274", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2274"}, {"name": "104742", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104742"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"}, {"name": "https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc", "refsource": "CONFIRM", "url": "https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc"}, {"name": "DSA-4339", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4339"}, {"name": "http://tracker.ceph.com/issues/24838", "refsource": "CONFIRM", "url": "http://tracker.ceph.com/issues/24838"}, {"name": "openSUSE-SU-2019:1284", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T07:46:47.425Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2018:2261", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2261"}, {"name": "RHSA-2018:2177", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2177"}, {"name": "RHSA-2018:2179", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2179"}, {"name": "RHSA-2018:2274", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2274"}, {"name": "104742", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/104742"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc"}, {"name": "DSA-4339", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4339"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://tracker.ceph.com/issues/24838"}, {"name": "openSUSE-SU-2019:1284", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-10861", "datePublished": "2018-07-10T14:00:00Z", "dateReserved": "2018-05-09T00:00:00", "dateUpdated": "2024-09-16T16:28:46.914Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ceph:ceph:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8901022A-8A84-494A-A5BF-358F2CBBDFFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "76788B0A-7776-4D0C-B0D7-C855E9A0231E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:10.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A925DB4-83DC-45D1-A48B-1675A111213B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:10.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D22BA440-CB28-445C-A7F8-CBD6E8965B2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:10.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "A503C653-AFEB-4E5A-872B-AD033C0E2259", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:10.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "7C00462A-A1B8-42A7-9336-DE1BF5510B6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:10.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "3505D4E2-4EA8-40A4-A57C-46CCA9922EF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:10.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "09EC481B-79F0-41DB-B95F-D1A221C96F4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:10.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "31F159B5-AF02-48BE-B994-749F21B9D362", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:10.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "D9684039-7938-405D-B833-4C54BFBD6476", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:10.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "8FAE4350-8F39-4E78-AB25-17DE76FD57AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:10.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "3B2369D2-4413-447C-A0A8-84CA37B1F5B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:12.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "3515BF53-4921-462F-820E-B842BB3FF066", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:12.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "48067E54-26F5-4020-BCEA-A65C2536618B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:12.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "F9A86B91-78C3-4D02-B7C8-11AAFB1CCCEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:12.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "CDBD084F-4A0B-4231-8465-61F8BE5E57F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:12.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0885F67A-E01B-4BF2-A760-D452B55C5F69", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:12.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "DB9D95E9-52F3-459C-89AD-6FCA6A975085", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:12.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "087C6821-9A77-4CC8-8AA0-2C51414D9B58", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:12.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "A667C6AF-76D4-4192-A8BF-395F368EFAE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:13.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "13BF6806-6E69-4172-9260-2E97FB253339", "vulnerable": true}, {"criteria": "cpe:2.3:a:ceph:ceph:13.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "DCAE0EE4-BBE9-4DBD-84CC-9A72E97E73E6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ceph_storage:3:*:*:*:*:*:*:*", "matchCriteriaId": "E9184616-421F-4EA9-AC1A-A4C95BBAAC99", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ceph_storage_mon:2:*:*:*:*:*:*:*", "matchCriteriaId": "8C2EBAD9-F0D5-4176-9C4D-001B230E699E", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ceph_storage_mon:3:*:*:*:*:*:*:*", "matchCriteriaId": "CD2F9BA8-FE0A-43DE-A756-C35A24C3D96E", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ceph_storage_osd:2:*:*:*:*:*:*:*", "matchCriteriaId": "AA5F5227-DBDA-4C01-BF7C-4D53F455404F", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ceph_storage_osd:3:*:*:*:*:*:*:*", "matchCriteriaId": "A80BACB5-7A56-4BC6-9261-58A3860F4E8C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected."}, {"lang": "es", "value": "Se ha encontrado un error en la forma en la que ceph mon maneja las peticiones de usuario. Cualquier usuario de ceph autenticado que tenga acceso de lectura en ceph puede eliminar, crear pools de almacenamiento de ceph y corromper im\u00e1genes instant\u00e1neas. Se cree que las ramas de ceph master, mimic, luminous y jewel se han visto afectadas."}], "id": "CVE-2018-10861", "lastModified": "2019-10-09T23:33:05.587", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-07-10T14:29:00.213", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "http://tracker.ceph.com/issues/24838"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104742"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2177"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2179"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2261"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2274"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4339"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-285"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2018:2261", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "ceph-2:10.2.10-28.el7cp", "product_name": "Red Hat Ceph Storage 2.5", "release_date": "2018-07-26T00:00:00Z"}, {"advisory": "RHSA-2018:2261", "cpe": "cpe:/a:redhat:ceph_storage:2::el7", "package": "ceph-ansible-0:3.0.39-1.el7cp", "product_name": "Red Hat Ceph Storage 2.5", "release_date": "2018-07-26T00:00:00Z"}, {"advisory": "RHSA-2018:2274", "cpe": "cpe:/a:redhat:ceph_storage:2::ubuntu16.04", "product_name": "Red Hat Ceph Storage 2 for Ubuntu", "release_date": "2018-07-26T00:00:00Z"}, {"advisory": "RHSA-2018:2177", "cpe": "cpe:/a:redhat:ceph_storage:3::el7", "package": "ceph-2:12.2.4-30.el7cp", "product_name": "Red Hat Ceph Storage 3.0", "release_date": "2018-07-11T00:00:00Z"}, {"advisory": "RHSA-2018:2177", "cpe": "cpe:/a:redhat:ceph_storage:3::el7", "package": "ceph-ansible-0:3.0.39-1.el7cp", "product_name": "Red Hat Ceph Storage 3.0", "release_date": "2018-07-11T00:00:00Z"}, {"advisory": "RHSA-2018:2177", "cpe": "cpe:/a:redhat:ceph_storage:3::el7", "package": "cephmetrics-0:1.0.1-1.el7cp", "product_name": "Red Hat Ceph Storage 3.0", "release_date": "2018-07-11T00:00:00Z"}, {"advisory": "RHSA-2018:2177", "cpe": "cpe:/a:redhat:ceph_storage:3::el7", "package": "nfs-ganesha-0:2.5.5-6.el7cp", "product_name": "Red Hat Ceph Storage 3.0", "release_date": "2018-07-11T00:00:00Z"}, {"advisory": "RHSA-2018:2179", "cpe": "cpe:/a:redhat:ceph_storage:3::ubuntu16.04", "product_name": "Red Hat Ceph Storage 3 for Ubuntu", "release_date": "2018-07-11T00:00:00Z"}], "bugzilla": {"description": "ceph: ceph-mon does not perform authorization on OSD pool ops", "id": "1593308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.6", "cvss3_scoring_vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "status": "verified"}, "cwe": "CWE-285", "details": ["A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.", "A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images"], "mitigation": {"lang": "en:us", "value": "Use mon_allow_pool_delete = false in ceph.conf to disable deletion of pools\n~]$ for p in `rados lspools`\ndo\nceph osd pool set $p nodelete true\ndone\ncaveat: This mitigation does not protect against attacker from corrupting snapshot images"}, "name": "CVE-2018-10861", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "ceph-common", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "ceph", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2018-07-09T12:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-10861\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-10861"], "threat_severity": "Moderate", "upstream_fix": "ceph 10.2.11, ceph 12.2.6, ceph 13.2.1"}