{
  "threat_severity" : "Moderate",
  "public_date" : "2018-07-09T12:00:00Z",
  "bugzilla" : {
    "description" : "ceph: ceph-mon does not perform authorization on OSD pool ops",
    "id" : "1593308",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1593308"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.6",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-285",
  "details" : [ "A flaw was found in the way ceph-mon handles user requests. Any authenticated Ceph user with read access to Ceph can delete or create Ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.", "A flaw was found in the way ceph-mon handles user requests. Any authenticated Ceph user with read access to Ceph can delete and corrupt snapshot images." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Ceph Storage 2.5",
    "release_date" : "2018-07-26T00:00:00Z",
    "advisory" : "RHSA-2018:2261",
    "cpe" : "cpe:/a:redhat:ceph_storage:2::el7",
    "package" : "ceph-2:10.2.10-28.el7cp"
  }, {
    "product_name" : "Red Hat Ceph Storage 2.5",
    "release_date" : "2018-07-26T00:00:00Z",
    "advisory" : "RHSA-2018:2261",
    "cpe" : "cpe:/a:redhat:ceph_storage:2::el7",
    "package" : "ceph-ansible-0:3.0.39-1.el7cp"
  }, {
    "product_name" : "Red Hat Ceph Storage 2 for Ubuntu",
    "release_date" : "2018-07-26T00:00:00Z",
    "advisory" : "RHSA-2018:2274",
    "cpe" : "cpe:/a:redhat:ceph_storage:2::ubuntu16.04",
    "package" : "ceph"
  }, {
    "product_name" : "Red Hat Ceph Storage 3.0",
    "release_date" : "2018-07-11T00:00:00Z",
    "advisory" : "RHSA-2018:2177",
    "cpe" : "cpe:/a:redhat:ceph_storage:3::el7",
    "package" : "ceph-2:12.2.4-30.el7cp"
  }, {
    "product_name" : "Red Hat Ceph Storage 3.0",
    "release_date" : "2018-07-11T00:00:00Z",
    "advisory" : "RHSA-2018:2177",
    "cpe" : "cpe:/a:redhat:ceph_storage:3::el7",
    "package" : "ceph-ansible-0:3.0.39-1.el7cp"
  }, {
    "product_name" : "Red Hat Ceph Storage 3.0",
    "release_date" : "2018-07-11T00:00:00Z",
    "advisory" : "RHSA-2018:2177",
    "cpe" : "cpe:/a:redhat:ceph_storage:3::el7",
    "package" : "cephmetrics-0:1.0.1-1.el7cp"
  }, {
    "product_name" : "Red Hat Ceph Storage 3.0",
    "release_date" : "2018-07-11T00:00:00Z",
    "advisory" : "RHSA-2018:2177",
    "cpe" : "cpe:/a:redhat:ceph_storage:3::el7",
    "package" : "nfs-ganesha-0:2.5.5-6.el7cp"
  }, {
    "product_name" : "Red Hat Ceph Storage 3 for Ubuntu",
    "release_date" : "2018-07-11T00:00:00Z",
    "advisory" : "RHSA-2018:2179",
    "cpe" : "cpe:/a:redhat:ceph_storage:3::ubuntu16.04",
    "package" : "ceph"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "ceph-common",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "ceph",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2018-10861\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-10861" ],
  "name" : "CVE-2018-10861",
  "mitigation" : {
    "value" : "Set mon_allow_pool_delete = false in ceph.conf to disable deletion of pools, and set the nodelete flag on each existing pool:\n~]$ for p in `rados lspools`\ndo\nceph osd pool set $p nodelete true\ndone\nCaveat: This mitigation does not prevent an attacker from corrupting snapshot images.",
    "lang" : "en:us"
  },
  "csaw" : false
}