CVE-2018-10861

Impact:
Moderate
Public Date:
2018-07-09
CWE:
CWE-285
Bugzilla:
1593308: CVE-2018-10861 ceph: ceph-mon does not perform authorization on OSD pool ops
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images

Find out more about CVE-2018-10861 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score 4.6
CVSS3 Base Metrics CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Attack Vector Adjacent Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Impact Low
Availability Impact Low

Red Hat Security Errata

Platform Errata Release Date
Red Hat Ceph Storage 3 for Ubuntu RHSA-2018:2179 2018-07-11
Red Hat Ceph Storage 3 for Red Hat Enterprise Linux 7 (ceph) RHSA-2018:2177 2018-07-11
Red Hat Ceph Storage 2 for Ubuntu RHSA-2018:2274 2018-07-26
Red Hat Ceph Storage Tools 2 (ceph) RHSA-2018:2261 2018-07-26

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 8 ceph Not affected
Red Hat Enterprise Linux 7 ceph-common Not affected

Mitigation

Use mon_allow_pool_delete = false in ceph.conf to disable deletion of pools

~]$ for p in `rados lspools`
do
   ceph osd pool set $p nodelete true
done

caveat: This mitigation does not protect against attacker from corrupting snapshot images

Last Modified