Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
CVSS Information
N/A
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
Red Hat Ceph 安全漏洞
Vulnerability Description
Red Hat Ceph是美国红帽(Red Hat)公司的一套Linux PB级分布式文件系统。该系统的主要目标是设计成基于POSIX(可移植操作系统接口)的没有单点故障的分布式文件系统,使数据能容错和无缝的复制。 Ceph 存在安全漏洞,攻击者可利用该漏洞可以通过Ceph的JSON Web Token绕过限制,以升级他的权限。
CVSS Information
N/A
Vulnerability Type
N/A