vulnerability
CentOS Linux: CVE-2020-10753: Moderate: Red Hat Ceph Storage 4.1 security and bug fix update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Jun 26, 2020 | Aug 19, 2020 | Jun 12, 2023 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Jun 26, 2020
Added
Aug 19, 2020
Modified
Jun 12, 2023
Description
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue.
Solutions
centos-upgrade-ceph-ansiblecentos-upgrade-ceph-basecentos-upgrade-ceph-base-debuginfocentos-upgrade-ceph-commoncentos-upgrade-ceph-common-debuginfocentos-upgrade-ceph-debuginfocentos-upgrade-ceph-debugsourcecentos-upgrade-ceph-fusecentos-upgrade-ceph-fuse-debuginfocentos-upgrade-ceph-grafana-dashboardscentos-upgrade-ceph-mdscentos-upgrade-ceph-mds-debuginfocentos-upgrade-ceph-mediccentos-upgrade-ceph-mgr-debuginfocentos-upgrade-ceph-mon-debuginfocentos-upgrade-ceph-osd-debuginfocentos-upgrade-ceph-radosgwcentos-upgrade-ceph-radosgw-debuginfocentos-upgrade-ceph-selinuxcentos-upgrade-ceph-test-debuginfocentos-upgrade-cockpit-ceph-installercentos-upgrade-libcephfs-develcentos-upgrade-libcephfs2centos-upgrade-libcephfs2-debuginfocentos-upgrade-librados-develcentos-upgrade-librados-devel-debuginfocentos-upgrade-libradospp-develcentos-upgrade-libradosstriper1centos-upgrade-libradosstriper1-debuginfocentos-upgrade-librbd-develcentos-upgrade-librgw-develcentos-upgrade-librgw2centos-upgrade-librgw2-debuginfocentos-upgrade-nfs-ganeshacentos-upgrade-nfs-ganesha-cephcentos-upgrade-nfs-ganesha-ceph-debuginfocentos-upgrade-nfs-ganesha-debuginfocentos-upgrade-nfs-ganesha-debugsourcecentos-upgrade-nfs-ganesha-proxycentos-upgrade-nfs-ganesha-proxy-debuginfocentos-upgrade-nfs-ganesha-rados-gracecentos-upgrade-nfs-ganesha-rados-grace-debuginfocentos-upgrade-nfs-ganesha-rados-urlscentos-upgrade-nfs-ganesha-rados-urls-debuginfocentos-upgrade-nfs-ganesha-rgwcentos-upgrade-nfs-ganesha-rgw-debuginfocentos-upgrade-nfs-ganesha-selinuxcentos-upgrade-nfs-ganesha-vfscentos-upgrade-nfs-ganesha-vfs-debuginfocentos-upgrade-python-ceph-argparsecentos-upgrade-python-cephfscentos-upgrade-python-rgwcentos-upgrade-python3-ceph-argparsecentos-upgrade-python3-cephfscentos-upgrade-python3-cephfs-debuginfocentos-upgrade-python3-radoscentos-upgrade-python3-rados-debuginfocentos-upgrade-python3-rbdcentos-upgrade-python3-rbd-debuginfocentos-upgrade-python3-rgwcentos-upgrade-python3-rgw-debuginfocentos-upgrade-rbd-fuse-debuginfocentos-upgrade-rbd-mirrorcentos-upgrade-rbd-mirror-debuginfocentos-upgrade-rbd-nbdcentos-upgrade-rbd-nbd-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.