--- /dev/null
+.. _CVE-2021-3509:
+
+CVE-2021-3509: Dashboard XSS via token cookie
+=============================================
+
+* `NIST information page <https://nvd.nist.gov/vuln/detail/CVE-2021-3509>`_
+
+The Ceph Dashboard was vulnerable to an XSS attack that could expose the authentication
+cookie to other sites.
+
+
+Affected versions
+-----------------
+
+* Octopus v15.2.0 and later
+
+Fixed versions
+--------------
+
+* Pacific v16.2.4 (and later)
+* Octopus v15.2.12 (and later)
+* Nautilus v14.2.21 (and later)
+
+
+Recommendations
+---------------
+
+All users of the Ceph dashboard should upgrade.
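Review bot: the Affected versions list in this page (Octopus v15.2.0 and later) does not agree with its Fixed versions list, which also names Nautilus v14.2.21; either Nautilus releases are affected and belong under Affected versions, or the Nautilus line should not be under Fixed versions. The body should also name the cookie the title refers to (the dashboard's token cookie) rather than just "the authentication cookie", so a reader knows which cookie an XSS could leak. Minor: the double blank lines before "Affected versions" and "Recommendations" are inconsistent with the single blank lines used in the CVE-2021-3524 page.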
--- /dev/null
+.. _CVE-2021-3524:
+
+CVE-2021-3524: HTTP header injects via CORS in RGW
+==================================================
+
+* `NIST information page <https://nvd.nist.gov/vuln/detail/CVE-2021-3524>`_
+
+A flaw was found in the radosgw. The vulnerability is related to the
+injection of HTTP headers via a CORS ExposeHeader tag. The \r
+character in the ExposeHeader tag in the CORS configuration file
+generates a header injection in the response when the CORS request is
+made.
+
+Fixed versions
+--------------
+
+* Pacific v16.2.4 (and later)
+* Octopus v15.2.12 (and later)
+* Nautilus v14.2.21 (and later)
+
+Recommendations
+---------------
+
+All users of Ceph object storage (RGW) should upgrade.
+
+Acknowledgements
+----------------
+
+Red Hat would like to thank Sergey Bobrov (Kaspersky) for reporting this issue.
+
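Review bot: the `\r` in the description paragraph will be consumed by reStructuredText's backslash escaping and render as a bare "r", losing the whole point of the sentence; write it as an inline literal ``\r`` or spell out "carriage return". The title "HTTP header injects via CORS in RGW" should read "HTTP header injection via CORS in RGW". This page is also the only one of the three without an "Affected versions" section; add one so readers can tell which releases need the upgrade.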
--- /dev/null
+.. _CVE-2021-3531:
+
+CVE-2021-3531: Swift API denial of service
+==========================================
+
+* `NIST information page <https://nvd.nist.gov/vuln/detail/CVE-2021-3531>`_
+
+Unauthenticated users of the Swift API can trigger a server-side assertion with a
+malformed URL, leading to a denial of service.
+
+
+Affected versions
+-----------------
+
+* Nautilus v14.2.0 and later
+
+Fixed versions
+--------------
+
+* Pacific v16.2.4 (and later)
+* Octopus v15.2.12 (and later)
+* Nautilus v14.2.21 (and later)
+
+
+Recommendations
+---------------
+
+All users of Ceph object storage (RGW) should upgrade.
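Review bot: the summary says "unauthenticated users of the Swift API", so the Recommendations section could make explicit that this affects deployments exposing RGW's Swift endpoint and needs no credentials to trigger, which is the detail an operator deciding on upgrade urgency wants. Minor: the double blank lines before "Affected versions" and "Recommendations" match the CVE-2021-3509 page but not the CVE-2021-3524 page; the three new files should use one spacing convention.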
+------------+-------------------+-------------+--------------------------------------------+
| Published | CVE | Severity | Summary |
+------------+-------------------+-------------+--------------------------------------------+
+| 2021-05-13 | `CVE-2021-3531`_ | Medium | Swift API denial of service |
++------------+-------------------+-------------+--------------------------------------------+
+| 2021-05-13 | `CVE-2021-3524`_ | Medium | HTTP header injects via CORS in RGW |
++------------+-------------------+-------------+--------------------------------------------+
+| 2021-05-13 | `CVE-2021-3509`_ | High | Dashboard XSS via token cookie |
++------------+-------------------+-------------+--------------------------------------------+
| 2021-04-14 | `CVE-2021-20288`_ | High | Unauthorized global_id reuse in cephx |
+------------+-------------------+-------------+--------------------------------------------+
| 2020-12-18 | `CVE-2020-27781`_ | 7.1 High | CephFS creds read/modified by Manila users |
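Review bot: the three added rows give Severity as a bare rating ("Medium", "High") while the existing CVE-2020-27781 row gives a CVSS score with the rating ("7.1 High"); the column should use one format, and if scores are available for the new entries they should be included. The CVE-2021-3524 row also repeats the "HTTP header injects" wording from the page title; "HTTP header injection" is the correct term in both places.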
:hidden:
:maxdepth: 0
+ CVE-2021-3531 <CVE-2021-3531.rst>
+ CVE-2021-3524 <CVE-2021-3524.rst>
+ CVE-2021-3509 <CVE-2021-3509.rst>
CVE-2021-20288 <CVE-2021-20288.rst>
+.. _CVE-2021-3531: ../CVE-2021-3531
+.. _CVE-2021-3524: ../CVE-2021-3524
+.. _CVE-2021-3509: ../CVE-2021-3509
.. _CVE-2021-20288: ../CVE-2021-20288
.. _CVE-2020-27781: https://nvd.nist.gov/vuln/detail/CVE-2020-27781
.. _CVE-2020-25678: https://nvd.nist.gov/vuln/detail/CVE-2020-25678