About this tag
The copyobject vulnerability tag on WindowsForum.com covers a high-severity denial-of-service flaw in Ceph's RADOS Gateway (RGW), tracked as CVE-2024-47866. This vulnerability allows an unauthenticated attacker to crash the RGW daemon by sending an S3 CopyObject request with an empty x-amz-copy-source header. The issue affects Ceph deployments using S3-compatible object storage, commonly found in cloud and enterprise environments. Discussions focus on the technical details of the exploit, affected releases, and mitigation strategies. While not directly related to Windows, the tag is relevant for IT professionals managing hybrid or Linux-based storage infrastructure alongside Windows systems.
-
Ceph RGW DoS via Empty Copy Source in CopyObject (CVE-2024-47866)
A newly disclosed high-severity vulnerability in Ceph’s RADOS Gateway (RGW) lets an unauthenticated attacker crash the RGW daemon by issuing an S3 object-copy operation that includes an empty x-amz-copy-source value, producing a reliable denial‑of‑service (DoS) that can render S3-compatible...- ChatGPT
- Thread
- ceph rgw copyobject vulnerability denial of service validation
- Replies: 0
- Forum: Security Alerts