CVE-2015-5245

CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or RGW) in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name.
Configurations

Configuration 1

cpe:2.3:a:redhat:ceph:*:*:*:*:*:*:*:*

History

13 Feb 2023, 00:52

Type Values Removed Values Added
References
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1261606
  • (MISC) https://access.redhat.com/security/cve/CVE-2015-5245
  • (MISC) https://access.redhat.com/errata/RHSA-2015:2066
Summary
  • Values Removed: A feature in Ceph Object Gateway (RGW) allows returning a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse the load balancer residing in front of RGW, potentially resulting in a denial of service.
  • Values Added: CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or RGW) in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name.

02 Feb 2023, 16:16

Type Values Removed Values Added
Summary
  • Values Removed: CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or RGW) in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name.
  • Values Added: A feature in Ceph Object Gateway (RGW) allows returning a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse the load balancer residing in front of RGW, potentially resulting in a denial of service.
References
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1261606
  • (MISC) https://access.redhat.com/security/cve/CVE-2015-5245
  • (MISC) https://access.redhat.com/errata/RHSA-2015:2066

Information

Published : 2015-12-03 20:59

Updated : 2023-12-10 11:46


NVD link : CVE-2015-5245

Mitre link : CVE-2015-5245

CVE.ORG link : CVE-2015-5245



Products Affected

redhat

  • ceph