漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
CephFS Permission Escalation Vulnerability in Ceph Fuse mounted FS
Vulnerability Description
Ceph is a distributed object, block, and file storage platform. In versions 17.2.7, 18.2.1 through 18.2.4, and 19.0.0 through 19.2.2, an unprivileged user can escalate to root privileges in a ceph-fuse mounted CephFS by chmod 777 a directory owned by root to gain access. The result of this is that a user could read, write and execute to any directory owned by root as long as they chmod 777 it. This impacts confidentiality, integrity, and availability. It is patched in versions 17.2.8, 18.2.5, and 19.2.3.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
Vulnerability Type
特权管理不恰当
Vulnerability Title
Ceph 安全漏洞
Vulnerability Description
Ceph是Ceph开源的一个文件存储平台。 Ceph 17.2.7版本、18.2.1至18.2.4版本和19.0.0至19.2.2版本存在安全漏洞,该漏洞源于非特权用户可通过chmod 777提升至root权限。
CVSS Information
N/A
Vulnerability Type
N/A