A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10222 | Issue Tracking Mitigation Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html | |
https://tracker.ceph.com/issues/40018 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
23 Oct 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-11-08 15:15
Updated : 2024-02-28 17:28
NVD link : CVE-2019-10222
Mitre link : CVE-2019-10222
CVE.ORG link : CVE-2019-10222
JSON object : View
Products Affected
fedoraproject
- fedora
redhat
- ceph_storage
ceph
- ceph
CWE
CWE-755
Improper Handling of Exceptional Conditions