{"id":"CVE-2018-14662","details":"It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.","modified":"2026-05-18T05:51:30.296153349Z","published":"2019-01-15T21:29:00.697Z","related":["SUSE-SU-2019:0499-1","SUSE-SU-2019:0586-1","openSUSE-SU-2019:1284-1"],"database_specific":{"unresolved_ranges":[{"extracted_events":[{"last_affected":"16.04"},{"last_affected":"18.10"},{"last_affected":"19.04"}],"cpes":["cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"],"vendor_product":"canonical:ubuntu_linux","source":"CPE_FIELD"},{"extracted_events":[{"last_affected":"8.0"},{"last_affected":"9.0"}],"cpes":["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"],"vendor_product":"debian:debian_linux","source":"CPE_FIELD"},{"extracted_events":[{"last_affected":"15.0"}],"cpes":["cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"],"vendor_product":"opensuse:leap","source":"CPE_FIELD"},{"extracted_events":[{"last_affected":"2.0"},{"last_affected":"3.0"}],"cpes":["cpe:2.3:a:redhat:ceph_storage:2.0:*:*:*:*:*:*:*","cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*"],"vendor_product":"redhat:ceph_storage","source":"CPE_FIELD"},{"extracted_events":[{"last_affected":"7.0"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"],"source":"CPE_FIELD","vendor_product":"redhat:enterprise_linux_server"}]},"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2538"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2541"},{"type":"ADVISORY","url":"https://ceph.com/releases/13-2-4-mimic-released"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00002.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4035-1/"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14662"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ceph/ceph","events":[{"introduced":"0"},{"fixed":"b10be4d44915a4d78a8e06aa31919e74927b142e"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"13.2.4"}],"cpe":"cpe:2.3:a:redhat:ceph:*:*:*:*:*:*:*:*","source":"CPE_FIELD"}}],"versions":["v13.2.3","v13.2.2","v13.2.1","v13.2.0","v13.1.1","v13.1.0","v13.0.0","v11.0.0","v0.19","v0.18","v0.9","v0.7.3","v0.7.2","v0.7.1","v0.6","v0.5","v0.4","v0.2","v0.1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-14662.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}