cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-0670,https://securityvulnerability.io/vulnerability/CVE-2022-0670,OpenStack Manila Vulnerability in Ceph File System,"A vulnerability exists in OpenStack Manila's management of Ceph file systems, allowing an owner to gain unauthorized read and write access to any Manila share or entire file system. This issue stems from a bug in the Ceph Manager's 'volumes' plugin, compromising both the confidentiality and integrity of the affected file systems. The vulnerability has been resolved in Ceph versions 17.2.2 and RHCS 5.2.",Linux,Ceph,9.1,CRITICAL,0.0014400000218302011,false,,false,false,false,,,false,false,,2022-07-25T13:58:09.000Z,0
CVE-2021-20288,https://securityvulnerability.io/vulnerability/CVE-2021-20288,,"An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",Linux,Ceph,7.2,HIGH,0.0029299999587237835,false,,false,false,false,,,false,false,,2021-04-15T00:00:00.000Z,0
CVE-2020-12059,https://securityvulnerability.io/vulnerability/CVE-2020-12059,,An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception.,Linux,Ceph,7.5,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2020-04-22T00:00:00.000Z,0