CVE-2018-10861

HIGH8.1EPSS 0.79%

Published: 7/10/2018Modified: 4/28/2026

Also known as:DEBIAN-CVE-2018-10861

Description

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.

Affected packages (1)

Debian/cephfrom 0, < 12.2.8+dfsg1-1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH8.1	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2018-10861