{"id":"CVE-2018-14662","details":"It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.","modified":"2026-04-10T04:05:57.285586Z","published":"2019-01-15T21:29:00.697Z","related":["SUSE-SU-2019:0499-1","SUSE-SU-2019:0586-1","openSUSE-SU-2019:1284-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00002.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4035-1/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2538"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2541"},{"type":"ADVISORY","url":"https://ceph.com/releases/13-2-4-mimic-released"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14662"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ceph/ceph","events":[{"introduced":"0"},{"fixed":"b10be4d44915a4d78a8e06aa31919e74927b142e"},{"introduced":"0"},{"last_affected":"bd7989103911796eb5698cf208b0ccdc3370d707"},{"introduced":"0"},{"last_affected":"3c9db396aed1f773cbb3441dfb7a21f0b11ab3e1"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"13.2.4"},{"introduced":"0"},{"last_affected":"9.0"},{"introduced":"0"},{"last_affected":"15.0"}]}}],"versions":["v0.1","v0.18","v0.19","v0.2","v0.4","v0.5","v0.6","v0.7.1","v0.7.2","v0.7.3","v0.9","v11.0.0","v13.0.0","v13.1.0","v13.1.1","v13.2.0","v13.2.1","v13.2.2","v13.2.3","v14.0.0","v15.0.0","v9.0.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0"}]},{"events":[{"introduced":"0"},{"last_affected":"3.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]},{"events":[{"introduced":"0"},{"last_affected":"19.04"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14662.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}