HIGH🇵🇱 Wersja polska

CVE-2022-3650

CVSS 7.8v3.1pub. 2023-01-17upd. 2025-11-03

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Red Hat Ceph

    APP
    Redhat
    16.2.9
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2024-47866HIGH7.5ten sam produkt

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using ...

CVE-2020-27781HIGH7.1ten sam produkt

User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in po...

CVE-2020-25660HIGH8.8ten sam produkt

A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it d...

CVE-2018-1128HIGH7.5ten sam produkt

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to re...

CVE-2018-7262HIGH7.5ten sam produkt

In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw d...