Ceph storage mon
This hub aggregates every CVE we track for Ceph storage mon, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
Operating Systemson-prem
5
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM3HIGH2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Ceph storage mon.
- CVE-2016-9579A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this fla...6.5
- CVE-2018-1129A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able t...6.5
- CVE-2018-1128It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff pa...7.5
- CVE-2018-10861A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches m...8.1
- CVE-2016-5009The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix.6.5
Product normalization is registry-driven with AI assist and human review. How it works