CVE-2016-7031

The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL.

Date published : 2016-10-03

http://www.securityfocus.com/bid/93240

http://docs.ceph.com/docs/master/release-notes/#v10-0-1