CVE-2021-3531
published 2021-05-18CVE-2021-3531: A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can…
medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ceph | < ceph 14.2.21-1 (bookworm) | ceph 14.2.21-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| redhat | ceph | < 14.2.21 | 14.2.21 |
| redhat | ceph | — | — |
| redhat | ceph | >= 0 < 14.2.21-1 | 14.2.21-1 |
| redhat | ceph | >= 0 < 14.2.21-1 | 14.2.21-1 |
| redhat | ceph | >= 0 < 14.2.21-1 | 14.2.21-1 |
| redhat | ceph | >= 0 < 14.2.21-1 | 14.2.21-1 |
| redhat | ceph | >= 0 < 12.2.13-0ubuntu0.18.04.10 | 12.2.13-0ubuntu0.18.04.10 |
| redhat | ceph | >= 0 < 15.2.12-0ubuntu0.20.04.1 | 15.2.12-0ubuntu0.20.04.1 |
| redhat | ceph_storage | — | — |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
osv7.1HIGH