CVE-2022-0670 - OpenCVE

A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Ceph Storage
Linuxfoundation	Ceph
Fedoraproject	Fedora

Configuration 1 [-]

OR	cpe:2.3:a:linuxfoundation:ceph::::::::
	cpe:2.3:a:linuxfoundation:ceph::::::::
	cpe:2.3:a:linuxfoundation:ceph::::::::

Configuration 2 [-]

cpe:2.3:a:redhat:ceph_storage:*:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:fedoraproject:fedora:35:::::::*
	cpe:2.3:o:fedoraproject:fedora:36:::::::*

References

Link	Resource
https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/	Release Notes Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3XMDFZWA2FWU6GAYOVSFJPOUTXN42N/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRTTRG5O4YP2TNGDCDOHIHP2DM3DFBT/

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2022-07-25T13:58:09

Updated: 2022-08-03T03:06:22

Reserved: 2022-02-17T00:00:00

Link: CVE-2022-0670

JSON object: View

NVD Information

Status : Modified

Published: 2022-07-25T14:15:10.327

Modified: 2023-11-07T03:41:28.753

Link: CVE-2022-0670

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Ceph", "vendor": "n/a", "versions": [{"status": "affected", "version": "Ceph v 17.2.2"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Openstack manilla owning a Ceph File system \"share\", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the \"volumes\" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-03T03:06:22", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/"}, {"name": "FEDORA-2022-67e0522b94", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3XMDFZWA2FWU6GAYOVSFJPOUTXN42N/"}, {"name": "FEDORA-2022-6d129f14f2", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRTTRG5O4YP2TNGDCDOHIHP2DM3DFBT/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-0670", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Ceph", "version": {"version_data": [{"version_value": "Ceph v 17.2.2"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in Openstack manilla owning a Ceph File system \"share\", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the \"volumes\" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-863"}]}]}, "references": {"reference_data": [{"name": "https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/", "refsource": "MISC", "url": "https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/"}, {"name": "FEDORA-2022-67e0522b94", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5O3XMDFZWA2FWU6GAYOVSFJPOUTXN42N/"}, {"name": "FEDORA-2022-6d129f14f2", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRTTRG5O4YP2TNGDCDOHIHP2DM3DFBT/"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-0670", "datePublished": "2022-07-25T13:58:09", "dateReserved": "2022-02-17T00:00:00", "dateUpdated": "2022-08-03T03:06:22", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*", "matchCriteriaId": "28C6E0ED-84FA-4467-BAB9-3112FE35F1A6", "versionEndExcluding": "15.2.17", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*", "matchCriteriaId": "C7F18E3B-6C02-4419-80D7-9F5C867FB07D", "versionEndExcluding": "16.2.10", "versionStartIncluding": "16.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*", "matchCriteriaId": "37FAE424-D918-4082-BF02-A7F4E0EF826B", "versionEndExcluding": "17.2.2", "versionStartIncluding": "17.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ceph_storage:*:*:*:*:*:*:*:*", "matchCriteriaId": "AFD1F25C-66AD-4F19-863C-530F5DDC5C28", "versionEndExcluding": "5.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Openstack manilla owning a Ceph File system \"share\", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the \"volumes\" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2."}, {"lang": "es", "value": "Se ha encontrado un fallo en Openstack manilla que posee un \"share\" del sistema de archivos Ceph, que permite al propietario leer/escribir cualquier manilla compartido o todo el sistema de archivos. La vulnerabilidad es debido a un error en el plugin de \"volumes\" en Ceph Manager. Esto permite a un atacante comprometer la Confidencialidad e Integridad de un sistema de archivos. Corregido en RHCS versi\u00f3n 5.2 y Ceph versi\u00f3n 17.2.2"}], "id": "CVE-2022-0670", "lastModified": "2023-11-07T03:41:28.753", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-25T14:15:10.327", "references": [{"source": "secalert@redhat.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3XMDFZWA2FWU6GAYOVSFJPOUTXN42N/"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRTTRG5O4YP2TNGDCDOHIHP2DM3DFBT/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-863"}], "source": "secalert@redhat.com", "type": "Secondary"}]}