CVE-2018-10861
- Source
- https://cve.org/CVERecord?id=CVE-2018-10861
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-10861.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-10861
- Downstream
- Related
- Published
- 2018-07-10T14:29:00.213Z
- Modified
- 2026-04-10T04:04:07.716261Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.
- References
-
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html
- http://www.securityfocus.com/bid/104742
- https://access.redhat.com/errata/RHSA-2018:2179
- https://access.redhat.com/errata/RHSA-2018:2177
- https://access.redhat.com/errata/RHSA-2018:2261
- https://access.redhat.com/errata/RHSA-2018:2274
- https://www.debian.org/security/2018/dsa-4339
- http://tracker.ceph.com/issues/24838
- https://github.com/ceph/ceph/commit/975528f632f73fbffa3f1fee304e3bbe3296cffc
- https://bugzilla.redhat.com/show_bug.cgi?id=1593308
Affected packages
Git / github.com/ceph/ceph
Affected ranges
- Type
- GIT
- Repo
- https://github.com/ceph/ceph
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedFixed
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "10.2.0" }, { "introduced": "0" }, { "last_affected": "10.2.1" }, { "introduced": "0" }, { "last_affected": "10.2.2" }, { "introduced": "0" }, { "last_affected": "10.2.3" }, { "introduced": "0" }, { "last_affected": "10.2.4" }, { "introduced": "0" }, { "last_affected": "10.2.5" }, { "introduced": "0" }, { "last_affected": "10.2.6" }, { "introduced": "0" }, { "last_affected": "10.2.7" }, { "introduced": "0" }, { "last_affected": "10.2.8" }, { "introduced": "0" }, { "last_affected": "10.2.9" }, { "introduced": "0" }, { "last_affected": "10.2.10" }, { "introduced": "0" }, { "last_affected": "10.2.11" }, { "introduced": "0" }, { "last_affected": "12.2.0" }, { "introduced": "0" }, { "last_affected": "12.2.1" }, { "introduced": "0" }, { "last_affected": "12.2.2" }, { "introduced": "0" }, { "last_affected": "12.2.3" }, { "introduced": "0" }, { "last_affected": "12.2.4" }, { "introduced": "0" }, { "last_affected": "12.2.5" }, { "introduced": "0" }, { "last_affected": "12.2.6" }, { "introduced": "0" }, { "last_affected": "12.2.7" }, { "introduced": "0" }, { "last_affected": "13.2.0" }, { "introduced": "0" }, { "last_affected": "13.2.1" }, { "introduced": "0" }, { "last_affected": "2" }, { "introduced": "0" }, { "last_affected": "2" }, { "introduced": "0" }, { "last_affected": "15.0" }, { "introduced": "0" }, { "last_affected": "9.0" } ] }
Affected versions
Other
rrygrvmctuzz-build-me
ses2-gm
v0.*
v0.1
v0.18
v0.19
v0.2
v0.4
v0.5
v0.6
v0.7.1
v0.7.2
v0.7.3
v0.9
v0.93
v0.94
v0.94.1
v0.94.2
v0.94.3
v0.94.4
v0.94.5
v10.*
v10.2.0
v10.2.1
v10.2.10
v10.2.11
v10.2.2
v10.2.3
v10.2.4
v10.2.5
v10.2.6
v10.2.7
v10.2.8
v10.2.9
v11.*
v11.0.0
v12.*
v12.1.4
v12.2.0
v12.2.1
v12.2.2
v12.2.3
v12.2.4
v12.2.5
v12.2.6
v12.2.7
v13.*
v13.0.0
v13.1.0
v13.1.1
v13.2.0
v13.2.1
v14.*
v14.0.0
v15.*
v15.0.0
v9.*
v9.0.0
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-10861.json"