{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T17:46:29.849","vulnerabilities":[{"cve":{"id":"CVE-2022-0670","sourceIdentifier":"secalert@redhat.com","published":"2022-07-25T14:15:10.327","lastModified":"2024-11-21T06:39:09.053","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Openstack manilla owning a Ceph File system \"share\", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the \"volumes\" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2."},{"lang":"es","value":"Se ha encontrado un fallo en Openstack manilla que posee un \"share\" del sistema de archivos Ceph, que permite al propietario leer/escribir cualquier manilla compartido o todo el sistema de archivos. La vulnerabilidad es debido a un error en el plugin de \"volumes\" en Ceph Manager. Esto permite a un atacante comprometer la Confidencialidad e Integridad de un sistema de archivos. Corregido en RHCS versión 5.2 y Ceph versión 17.2.2"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.2.17","matchCriteriaId":"28C6E0ED-84FA-4467-BAB9-3112FE35F1A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.2.10","matchCriteriaId":"C7F18E3B-6C02-4419-80D7-9F5C867FB07D"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0.0","versionEndExcluding":"17.2.2","matchCriteriaId":"37FAE424-D918-4082-BF02-A7F4E0EF826B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:ceph_storage:*:*:*:*:*:*:*:*","versionEndExcluding":"5.2","matchCriteriaId":"AFD1F25C-66AD-4F19-863C-530F5DDC5C28"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","matchCriteriaId":"80E516C0-98A4-4ADE-B69F-66A772E2BAAA"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","matchCriteriaId":"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"}]}]}],"references":[{"url":"https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/","source":"secalert@redhat.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3XMDFZWA2FWU6GAYOVSFJPOUTXN42N/","source":"secalert@redhat.com"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRTTRG5O4YP2TNGDCDOHIHP2DM3DFBT/","source":"secalert@redhat.com"},{"url":"https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3XMDFZWA2FWU6GAYOVSFJPOUTXN42N/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRTTRG5O4YP2TNGDCDOHIHP2DM3DFBT/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}