CVE-2017-16818
published 2017-12-20CVE-2017-16818: RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by…
medium6.5CVSS 3.0
AVNACLPRLUINSUCNINAH
RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by leveraging "full" (not necessarily admin) privileges to post an invalid profile to the admin API, related to rgw/rgw_iam_policy.cc, rgw/rgw_basic_types.h, and rgw/rgw_iam_types.h.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ceph | — | — |
| fedoraproject | fedora | — | — |
| redhat | ceph | 12.1.0 – 12.2.1 | — |