CVE-2016-7031

Published: Oct 3, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

93240

vdb-entry

x_refsource_BID

https://github.com/ceph/ceph/pull/6057

x_refsource_CONFIRM

RHSA-2016:1972

vendor-advisory

x_refsource_REDHAT

http://docs.ceph.com/docs/master/release-notes/#v10-0-1

x_refsource_CONFIRM

RHSA-2016:1973

vendor-advisory

x_refsource_REDHAT

http://tracker.ceph.com/issues/13207

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-7031

Description

Affected Products

References