All the vulnerabilites related to Red Hat - Red Hat Ceph Storage
cve-2020-10753
Vulnerability from cvelistv5
Published
2020-06-26 00:00
Modified
2024-08-04 11:14
Summary
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T11:14:15.190Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10753"
          },
          {
            "name": "openSUSE-SU-2020:0898",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00062.html"
          },
          {
            "name": "FEDORA-2020-c9bff9688e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFU7LXEL2UZE565FJBTY7UGH2O7ZUBVS/"
          },
          {
            "name": "USN-4528-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4528-1/"
          },
          {
            "name": "GLSA-202105-39",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202105-39"
          },
          {
            "name": "[debian-lts-announce] 20210810 [SECURITY] [DLA 2735-1] ceph security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html"
          },
          {
            "name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Red Hat Ceph Storage",
          "vendor": "Red Hat",
          "versions": [
            {
              "status": "affected",
              "version": "versions 3.x and 4.x"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-113",
              "description": "CWE-113",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-23T18:06:17.659671",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10753"
        },
        {
          "name": "openSUSE-SU-2020:0898",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00062.html"
        },
        {
          "name": "FEDORA-2020-c9bff9688e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFU7LXEL2UZE565FJBTY7UGH2O7ZUBVS/"
        },
        {
          "name": "USN-4528-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://usn.ubuntu.com/4528-1/"
        },
        {
          "name": "GLSA-202105-39",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202105-39"
        },
        {
          "name": "[debian-lts-announce] 20210810 [SECURITY] [DLA 2735-1] ceph security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html"
        },
        {
          "name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-10753",
    "datePublished": "2020-06-26T00:00:00",
    "dateReserved": "2020-03-20T00:00:00",
    "dateUpdated": "2024-08-04T11:14:15.190Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}