BIT-ceph-2020-1699

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/ceph/BIT-ceph-2020-1699.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-ceph-2020-1699

Aliases

CVE-2020-1699

Published

2026-03-20T09:05:35.402Z

Modified

2026-03-20T10:00:10.214875Z

Summary

[none]

Details

A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated attacker could use this flaw to cause information disclosure on the host machine running the Ceph dashboard.

Database specific

{
    "severity": "High",
    "cpes": [
        "cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*"
    ]
}

References

Affected packages

Bitnami / ceph

Package

Name: ceph
Purl: pkg:bitnami/ceph

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

14.2.5

Last affected

14.2.5

Introduced

14.2.6

Last affected

14.2.6

Introduced

15.0.0

Last affected

15.0.0

Database specific

source

"https://github.com/bitnami/vulndb/tree/main/data/ceph/BIT-ceph-2020-1699.json"