Detections
Analytics

openSUSE 15 Security Update : ceph (openSUSE-SU-2021:1834-1)

medium Nessus Plugin ID 151719

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1834-1 advisory.

 - A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS.The greatest threat to the system is for confidentiality, integrity, and availability. (CVE-2021-3509)

 - A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. In addition, the prior bug fix for CVE-2020-10753 did not account for the use of \r as a header separator, thus a new flaw has been created. (CVE-2021-3524)

 - A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability. (CVE-2021-3531)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1185619

https://bugzilla.suse.com/1186020

https://bugzilla.suse.com/1186021

http://www.nessus.org/u?7a24263d

https://www.suse.com/security/cve/CVE-2021-3509

https://www.suse.com/security/cve/CVE-2021-3524

https://www.suse.com/security/cve/CVE-2021-3531

Plugin Details

Severity: Medium

ID: 151719

File Name: openSUSE-2021-1834.nasl

Version: 1.3

Type: local

Agent: unix

Published: 7/16/2021

Updated: 12/8/2023

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2021-3524

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:librgw2, p-cpe:/a:novell:opensuse:ceph-osd, p-cpe:/a:novell:opensuse:librbd1, p-cpe:/a:novell:opensuse:ceph-mgr-diskprediction-local, p-cpe:/a:novell:opensuse:python3-rgw, p-cpe:/a:novell:opensuse:ceph-mds, p-cpe:/a:novell:opensuse:rbd-fuse, p-cpe:/a:novell:opensuse:ceph-fuse, p-cpe:/a:novell:opensuse:python3-rados, p-cpe:/a:novell:opensuse:librbd-devel, p-cpe:/a:novell:opensuse:librgw-devel, p-cpe:/a:novell:opensuse:libcephfs-devel, p-cpe:/a:novell:opensuse:librados2, p-cpe:/a:novell:opensuse:rbd-mirror, p-cpe:/a:novell:opensuse:python3-ceph-common, p-cpe:/a:novell:opensuse:ceph-mon, p-cpe:/a:novell:opensuse:ceph-mgr-rook, p-cpe:/a:novell:opensuse:ceph-mgr-dashboard, p-cpe:/a:novell:opensuse:ceph-immutable-object-cache, p-cpe:/a:novell:opensuse:librados-devel, p-cpe:/a:novell:opensuse:ceph, p-cpe:/a:novell:opensuse:ceph-mgr-cephadm, p-cpe:/a:novell:opensuse:ceph-base, p-cpe:/a:novell:opensuse:python3-rbd, p-cpe:/a:novell:opensuse:cephfs-shell, p-cpe:/a:novell:opensuse:cephadm, p-cpe:/a:novell:opensuse:rbd-nbd, p-cpe:/a:novell:opensuse:ceph-grafana-dashboards, p-cpe:/a:novell:opensuse:ceph-common, p-cpe:/a:novell:opensuse:rados-objclass-devel, p-cpe:/a:novell:opensuse:ceph-test, cpe:/o:novell:opensuse:15.3, p-cpe:/a:novell:opensuse:python3-cephfs, p-cpe:/a:novell:opensuse:ceph-mgr-modules-core, p-cpe:/a:novell:opensuse:libradospp-devel, p-cpe:/a:novell:opensuse:python3-ceph-argparse, p-cpe:/a:novell:opensuse:ceph-mgr-diskprediction-cloud, p-cpe:/a:novell:opensuse:ceph-mgr-k8sevents, p-cpe:/a:novell:opensuse:ceph-radosgw, p-cpe:/a:novell:opensuse:ceph-mgr, p-cpe:/a:novell:opensuse:ceph-prometheus-alerts, p-cpe:/a:novell:opensuse:libcephfs2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/10/2021

Vulnerability Publication Date: 5/17/2021

Reference Information

CVE: CVE-2021-3509, CVE-2021-3524, CVE-2021-3531