Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2020-1699

A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated attacker could use this flaw to cause information disclosure on the host machine running the Ceph dashboard.

Related bugs and status

CVE-2020-1699 (Candidate) is related to these bugs:

Bug #1861789: [SRU] ceph 14.2.8

		In	Importance	Status
1861789	[SRU] ceph 14.2.8	ceph (Ubuntu)	Undecided	Invalid
1861789	[SRU] ceph 14.2.8	ceph (Ubuntu Eoan)	High	Fix Released
1861789	[SRU] ceph 14.2.8	Ubuntu Cloud Archive	Undecided	Invalid
1861789	[SRU] ceph 14.2.8	Ubuntu Cloud Archive train	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugzilla.redha...