{
  "threat_severity" : "Moderate",
  "public_date" : "2020-04-07T10:00:00Z",
  "bugzilla" : {
    "description" : "ceph: specially crafted XML payload on POST requests leads to DoS by crashing RGW",
    "id" : "1827262",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1827262"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-20",
  "details" : [ "An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception.", "A flaw was found in the Ceph Object Gateway S3 API, where it did not properly validate the POST requests. This flaw allows an attacker to perform a denial of service attack using a malicious POST request with specially crafted XML payload, leading to a crash of the RGW process." ],
  "statement" : "This issue affects the versions of ceph as shipped with Red Hat Ceph Storage 3, as it does not validate the parameter when reading the tagging field from POST obj XML.\nRed Hat OpenStack Platform 13 provides only the ceph client library and is not affected by this vulnerability.",
  "affected_release" : [ {
    "product_name" : "Red Hat Ceph Storage 3 - ELS",
    "release_date" : "2021-05-06T00:00:00Z",
    "advisory" : "RHSA-2021:1518",
    "cpe" : "cpe:/a:redhat:ceph_storage:3::el7",
    "package" : "ceph-2:12.2.12-139.el7cp"
  }, {
    "product_name" : "Red Hat Ceph Storage 3 - ELS",
    "release_date" : "2021-05-06T00:00:00Z",
    "advisory" : "RHSA-2021:1518",
    "cpe" : "cpe:/a:redhat:ceph_storage:3::el7",
    "package" : "ceph-ansible-0:3.2.56-1.el7cp"
  }, {
    "product_name" : "Red Hat Ceph Storage 3 - ELS",
    "release_date" : "2021-05-06T00:00:00Z",
    "advisory" : "RHSA-2021:1518",
    "cpe" : "cpe:/a:redhat:ceph_storage:3::el7",
    "package" : "cephmetrics-0:2.0.10-1.el7cp"
  }, {
    "product_name" : "Red Hat Ceph Storage 3 - ELS",
    "release_date" : "2021-05-06T00:00:00Z",
    "advisory" : "RHSA-2021:1518",
    "cpe" : "cpe:/a:redhat:ceph_storage:3::el7",
    "package" : "grafana-0:5.2.4-3.el7cp"
  }, {
    "product_name" : "Red Hat Ceph Storage 3 - ELS",
    "release_date" : "2021-05-06T00:00:00Z",
    "advisory" : "RHSA-2021:1518",
    "cpe" : "cpe:/a:redhat:ceph_storage:3::el7",
    "package" : "tcmu-runner-0:1.4.0-3.el7cp"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Ceph Storage 2",
    "fix_state" : "Not affected",
    "package_name" : "ceph",
    "cpe" : "cpe:/a:redhat:ceph_storage:2"
  }, {
    "product_name" : "Red Hat Ceph Storage 4",
    "fix_state" : "Not affected",
    "package_name" : "ceph",
    "cpe" : "cpe:/a:redhat:ceph_storage:4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "ceph",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat OpenStack Platform 13 (Queens)",
    "fix_state" : "Not affected",
    "package_name" : "ceph",
    "cpe" : "cpe:/a:redhat:openstack:13"
  }, {
    "product_name" : "Red Hat OpenStack Platform 15 (Stein)",
    "fix_state" : "Not affected",
    "package_name" : "ceph",
    "cpe" : "cpe:/a:redhat:openstack:15"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-12059\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-12059\nhttps://ceph.io/releases/v13-2-10-mimic-released/" ],
  "name" : "CVE-2020-12059",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}