Vulnerability Details : CVE-2018-10861
A flaw was found in the way ceph-mon handles user requests: the monitor did not perform an authorization check on OSD pool operations before acting on them. Any authenticated Ceph user with only read access can therefore create or delete Ceph storage pools and corrupt snapshot images. The Ceph master, mimic, luminous and jewel branches are believed to be affected.
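To make the missing check concrete, the following is an added illustration (not code from the Ceph project) that models the monitor-side decision for pool operations: the unpatched path gates them on authentication alone, while the patched path also requires the caller's mon caps to grant write on the 'osd' service, which is the condition a read-only client fails. The cap grammar handled is a small subset of Ceph's (assumption: `profile ...` and command-level grants are not modelled), and the operation and return-code names are chosen here for readability rather than taken from Ceph's sources.

```python
"""Model of the authorization check missing in CVE-2018-10861.

Added illustration, not Ceph code. vulnerable_pool_op() behaves as the
advisory describes the unpatched monitor; patched_pool_op() adds the
cap check that pool create/delete and snapshot ops should pass.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# Subset of the mon cap grammar (assumption; Ceph's full grammar is larger):
#   allow *                  any service, all permissions
#   allow rw                 any service, listed permissions
#   allow service osd w      named service, listed permissions
# Clauses may be comma separated: "allow service mon r, allow service osd w".
# Unrecognised clauses are ignored, which fails closed (they grant nothing).
CAP_CLAUSE = re.compile(r"allow\s+(?:service\s+(?P<svc>\w+)\s+)?(?P<perms>\*|[rwx]+)")

# Pool operations that mutate the OSDMap on the monitor (names chosen here).
POOL_OPS = frozenset({"pool_create", "pool_delete", "snap_create", "snap_delete"})


@dataclass(frozen=True)
class MonCapGrant:
    service: Optional[str]  # None means the grant applies to every service
    read: bool
    write: bool
    execute: bool


def parse_mon_caps(caps: str) -> List[MonCapGrant]:
    """Parse a mon cap string such as "allow r"; raise if nothing is recognised."""
    grants = []
    for m in CAP_CLAUSE.finditer(caps):
        perms = m.group("perms")
        star = perms == "*"
        grants.append(MonCapGrant(
            service=m.group("svc"),
            read=star or "r" in perms,
            write=star or "w" in perms,
            execute=star or "x" in perms,
        ))
    if not grants:
        raise ValueError(f"unsupported or empty mon caps: {caps!r}")
    return grants


def is_capable(grants: List[MonCapGrant], service: str, write: bool) -> bool:
    """True if any grant covering `service` carries the needed permission."""
    for g in grants:
        if g.service not in (None, service):
            continue
        if g.write if write else g.read:
            return True
    return False


def vulnerable_pool_op(authenticated: bool, mon_caps: str, op: str) -> str:
    """Pre-fix behaviour as the advisory describes it: authentication is the only gate."""
    if not authenticated:
        return "EACCES"
    if op not in POOL_OPS:
        return "EINVAL"
    return "OK"  # caps never consulted: a read-only client can delete pools


def patched_pool_op(authenticated: bool, mon_caps: str, op: str) -> str:
    """Post-fix behaviour: pool ops additionally need write on the 'osd' service."""
    if not authenticated:
        return "EACCES"
    if op not in POOL_OPS:
        return "EINVAL"
    if not is_capable(parse_mon_caps(mon_caps), "osd", write=True):
        return "EPERM"
    return "OK"


if __name__ == "__main__":
    # Constructed sample: a keyring entry whose mon caps are read-only.
    READ_ONLY = "allow r"
    for op in sorted(POOL_OPS):
        print(f"{op:12} vulnerable={vulnerable_pool_op(True, READ_ONLY, op)} "
              f"patched={patched_pool_op(True, READ_ONLY, op)}")
```

The point to take from the model is that a grant scoped to another service (`allow service mon rw`) or a read-only grant (`allow r`) must not be enough for OSD pool ops; only write on 'osd' or an unscoped write/`*` should pass. When auditing a cluster, compare the mon caps of every client entity against which of them actually need to create or delete pools.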
Vulnerability category: Bypass; Gain privilege
Exploit prediction scoring system (EPSS) score for CVE-2018-10861
Probability of exploitation activity in the next 30 days: 0.45%
Percentile (the proportion of vulnerabilities scored at or below this one): ~72%
CVSS scores for CVE-2018-10861
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source
---|---|---|---|---|---
5.5 | MEDIUM | AV:N/AC:L/Au:S/C:N/I:P/A:P | 8.0 | 4.9 | NIST
8.1 | HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | 2.8 | 5.2 | NIST
CWE ids for CVE-2018-10861
- CWE-285 (Improper Authorization): The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. Assigned by: secalert@redhat.com (Secondary)
- CWE-287 (Improper Authentication): When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. Assigned by: nvd@nist.gov (Primary)
Of the two, CWE-285 matches the defect as described: the attacker is an authenticated user, and what the monitor skipped was the authorization check on pool operations.
References for CVE-2018-10861
- https://bugzilla.redhat.com/show_bug.cgi?id=1593308
  1593308 – (CVE-2018-10861) CVE-2018-10861 ceph: ceph-mon does not perform authorization on OSD pool ops (Issue Tracking; Patch; Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2018:2274
  RHSA-2018:2274 - Security Advisory - Red Hat Customer Portal (Third Party Advisory)
- http://tracker.ceph.com/issues/24838
  Bug #24838: mon: auth checks not correct for pool ops - RADOS - Ceph (Issue Tracking; Vendor Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html
  [security-announce] openSUSE-SU-2019:1284-1: moderate: Security update f (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2018:2261
  RHSA-2018:2261 - Security Advisory - Red Hat Customer Portal (Third Party Advisory)
- https://www.debian.org/security/2018/dsa-4339
  Debian -- Security Information -- DSA-4339-1 ceph (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2018:2177
  RHSA-2018:2177 - Security Advisory - Red Hat Customer Portal (Third Party Advisory)
- http://www.securityfocus.com/bid/104742
  Red Hat Ceph CVE-2018-10861 Security Bypass Vulnerability (Third Party Advisory; VDB Entry)
- https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc
  Merge remote-tracking branch 'private/wip-mon-snap-caps' · ceph/ceph@975528f · GitHub (Patch; Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2018:2179
  RHSA-2018:2179 - Security Advisory - Red Hat Customer Portal (Third Party Advisory)
Products affected by CVE-2018-10861
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ceph_storage_osd:2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ceph_storage_osd:3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ceph_storage_mon:2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ceph_storage_mon:3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:ceph_storage:3:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:12.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:12.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:13.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:12.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:12.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:12.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:12.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:10.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:12.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:12.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:ceph:ceph:13.2.1:*:*:*:*:*:*:*