CVE-2018-14662
CVE-2018-14662
It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected products
[UNKNOWN] · cephWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.htmlhttps://access.redhat.com/errata/RHSA-2019:2538https://access.redhat.com/errata/RHSA-2019:2541https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14662https://ceph.com/releases/13-2-4-mimic-releasedhttps://lists.debian.org/debian-lts-announce/2019/03/msg00002.htmlhttps://lists.debian.org/debian-lts-announce/2021/08/msg00013.htmlhttps://usn.ubuntu.com/4035-1/