UBUNTU-CVE-2020-10736
See a problem?- Source
- https://ubuntu.com/security/notices/UBUNTU-CVE-2020-10736
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-10736.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-10736
- Related
- Published
- 2020-06-22T18:15:00Z
- Modified
- 2020-06-22T18:15:00Z
- Severity
-
- 8.0 (High) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. This flaw allows an authenticated client to modify the configuration and possibly conduct further attacks.
- References
Affected packages
Ubuntu:20.04:LTS / ceph
Package
- Name
- ceph
- Purl
- pkg:deb/ubuntu/ceph@15.2.7-0ubuntu0.20.04.2?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed15.2.7-0ubuntu0.20.04.2
Affected versions
14.*
14.2.2-0ubuntu3
14.2.2-0ubuntu4
14.2.4-0ubuntu1
14.2.4-0ubuntu2
14.2.4-0ubuntu3
15.*
15.1.0-0ubuntu2
15.1.0-0ubuntu3
15.1.1-0ubuntu1
15.2.0-0ubuntu1
15.2.0-0ubuntu2
15.2.1-0ubuntu1
15.2.1-0ubuntu2
15.2.3-0ubuntu0.20.04.1
15.2.3-0ubuntu0.20.04.2
15.2.5-0ubuntu0.20.04.1
15.2.7-0ubuntu0.20.04.1
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"python3-rgw-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"python3-ceph-argparse": "15.2.7-0ubuntu0.20.04.2",
"ceph-mds": "15.2.7-0ubuntu0.20.04.2",
"rbd-fuse-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"rbd-mirror-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"libradospp-dev": "15.2.7-0ubuntu0.20.04.2",
"libradosstriper1-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"rbd-nbd": "15.2.7-0ubuntu0.20.04.2",
"python3-rgw": "15.2.7-0ubuntu0.20.04.2",
"ceph-mds-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"rados-objclass-dev": "15.2.7-0ubuntu0.20.04.2",
"ceph-immutable-object-cache": "15.2.7-0ubuntu0.20.04.2",
"ceph-fuse-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"rbd-nbd-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"ceph-resource-agents": "15.2.7-0ubuntu0.20.04.2",
"ceph-mgr": "15.2.7-0ubuntu0.20.04.2",
"ceph-mgr-modules-core": "15.2.7-0ubuntu0.20.04.2",
"librbd1-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"python3-cephfs-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"ceph-common": "15.2.7-0ubuntu0.20.04.2",
"python3-rbd-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"libcephfs2": "15.2.7-0ubuntu0.20.04.2",
"ceph-immutable-object-cache-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"ceph-mgr-diskprediction-local": "15.2.7-0ubuntu0.20.04.2",
"rbd-fuse": "15.2.7-0ubuntu0.20.04.2",
"libcephfs-java": "15.2.7-0ubuntu0.20.04.2",
"ceph-common-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"radosgw": "15.2.7-0ubuntu0.20.04.2",
"ceph-mgr-dashboard": "15.2.7-0ubuntu0.20.04.2",
"ceph-mgr-k8sevents": "15.2.7-0ubuntu0.20.04.2",
"libcephfs-jni": "15.2.7-0ubuntu0.20.04.2",
"radosgw-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"python3-cephfs": "15.2.7-0ubuntu0.20.04.2",
"ceph-osd": "15.2.7-0ubuntu0.20.04.2",
"librados-dev": "15.2.7-0ubuntu0.20.04.2",
"libradosstriper-dev": "15.2.7-0ubuntu0.20.04.2",
"ceph-fuse": "15.2.7-0ubuntu0.20.04.2",
"ceph-mgr-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"librgw2": "15.2.7-0ubuntu0.20.04.2",
"python3-ceph": "15.2.7-0ubuntu0.20.04.2",
"librados2": "15.2.7-0ubuntu0.20.04.2",
"ceph-mgr-cephadm": "15.2.7-0ubuntu0.20.04.2",
"librados-dev-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"ceph": "15.2.7-0ubuntu0.20.04.2",
"librados2-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"ceph-mon": "15.2.7-0ubuntu0.20.04.2",
"ceph-mon-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"libcephfs2-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"librbd-dev": "15.2.7-0ubuntu0.20.04.2",
"cephadm": "15.2.7-0ubuntu0.20.04.2",
"python3-ceph-common": "15.2.7-0ubuntu0.20.04.2",
"rbd-mirror": "15.2.7-0ubuntu0.20.04.2",
"ceph-mgr-diskprediction-cloud": "15.2.7-0ubuntu0.20.04.2",
"ceph-base-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"libcephfs-dev": "15.2.7-0ubuntu0.20.04.2",
"ceph-osd-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"librbd1": "15.2.7-0ubuntu0.20.04.2",
"python3-rados": "15.2.7-0ubuntu0.20.04.2",
"python3-rbd": "15.2.7-0ubuntu0.20.04.2",
"python3-rados-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"cephfs-shell": "15.2.7-0ubuntu0.20.04.2",
"libcephfs-jni-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"librgw2-dbgsym": "15.2.7-0ubuntu0.20.04.2",
"ceph-base": "15.2.7-0ubuntu0.20.04.2",
"librgw-dev": "15.2.7-0ubuntu0.20.04.2",
"ceph-mgr-rook": "15.2.7-0ubuntu0.20.04.2",
"libradosstriper1": "15.2.7-0ubuntu0.20.04.2"
}
]
}