CVE-2019-10222
HIGH7.5EPSS 1.8%ceph - security update
發布日:2019/11/8修改日:2026/4/28
描述
A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
受影響套件(2)
- Debian/cephfrom 0, < 14.2.4-1
- Debian/cephfrom 0, < 12.2.11+dfsg1-2.1+deb10u1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |