Vulnerability Details CVE-2019-19337
A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph RADOS Gateway daemon handles S3 requests. An authenticated attacker can abuse this flaw by causing a remote denial of service by sending a specially crafted HTTP Content-Length header to the Ceph RADOS Gateway server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 66.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2019-19337
-
cpe:2.3:a:redhat:ceph_storage:3.3