CVE-2020-10753

A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue.

Published: Jun 26, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-10753
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-74
CWE-113

Affected Software
References

Software	From	Fixed in
redhat / ceph_storage	3.0	3.0.x
redhat / ceph_storage	4.0	4.0.x
redhat / openstack	15	15.x
fedoraproject / fedora	32	32.x
opensuse / leap	15.1	15.1.x
linuxfoundation / ceph	-	14.2.21
canonical / ubuntu_linux	18.04	18.04.x
canonical / ubuntu_linux	16.04	16.04.x

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00062.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10753
https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html
https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/FFU7LXEL2UZE565FJBTY7UGH2O7ZUBVS/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFU7LXEL2UZE565FJBTY7UGH2O7ZUBVS/
https://security.gentoo.org/glsa/202105-39
https://usn.ubuntu.com/4528-1/

Vulnerability Database

289,599

CVE-2020-10753