← Volver a CVEs
CVE-2019-3821
HIGH7.5
Descripcion
A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in a remote denial of service.
Detalles CVE
Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado3/27/2019
Ultima modificacion5/5/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
canonical:ubuntu_linuxceph:civetweb
Debilidades (CWE)
CWE-772CWE-772
Referencias
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3821(secalert@redhat.com)
https://github.com/ceph/civetweb/pull/33(secalert@redhat.com)
https://usn.ubuntu.com/4035-1/(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3821(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/ceph/civetweb/pull/33(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/4035-1/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.