CVE-2016-8626
published 2018-07-31CVE-2016-8626: A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial…
medium6.5CVSS 3.0
AVNACLPRLUINSUCNINAH
A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ceph | < ceph 10.2.5-1 (bookworm) | ceph 10.2.5-1 (bookworm) |
| red_hat | ceph | — | — |
| red_hat | ceph | >= 0 < 10.2.5-1 | 10.2.5-1 |
| red_hat | ceph | >= 0 < 10.2.5-1 | 10.2.5-1 |
| red_hat | ceph | >= 0 < 10.2.5-1 | 10.2.5-1 |
| red_hat | ceph | >= 0 < 10.2.5-1 | 10.2.5-1 |
| redhat | ceph | < 0.94.3.9-8 | 0.94.3.9-8 |
| redhat | ceph | >= 0 < 0.80.11-0ubuntu1.14.04.3 | 0.80.11-0ubuntu1.14.04.3 |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv6.5MEDIUM