A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10222 | Issue Tracking Mitigation Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html | |
https://tracker.ceph.com/issues/40018 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2019-11-08T14:45:41
Updated: 2020-12-04T18:00:58
Reserved: 2019-03-27T00:00:00
Link: CVE-2019-10222
JSON object: View
NVD Information
Status : Modified
Published: 2019-11-08T15:15:11.437
Modified: 2023-10-23T19:15:09.617
Link: CVE-2019-10222
JSON object: View
Redhat Information
No data.
CWE