Header Injection Vulnerability in Red Hat Ceph Storage RadosGW
CVE-2020-10753

5.4MEDIUM

Key Information:

Vendor: Red Hat
Status: Red Hat Ceph Storage
Vendor: CVE Published:; 26 June 2020

Summary

A flaw exists in the Red Hat Ceph Storage RadosGW related to improper processing of CORS configuration. Specifically, the injection of HTTP headers via the ExposeHeader tag allows for header injection in responses. This occurs when a newline character is mistakenly placed in the ExposeHeader tag within the CORS setup, leading to potential response manipulation during CORS requests. Affected versions include Ceph 3.x and 4.x, highlighting a significant concern for users implementing CORS policies.

Affected Version(s)

Red Hat Ceph Storage versions 3.x and 4.x

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10753

http://lists.opensuse.org/opensuse-security-announce/2020...

vendor-advisory

https://lists.fedoraproject.org/archives/list/package-ann...

vendor-advisory

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 26, 2020
Vulnerability Reserved
Mar 20, 2020