Security restrictions bypass in Ceph - CVE-2018-1128

 


Published: August 28, 2018


Vulnerability identifier: #VU14542
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-1128
CWE-ID: CWE-264
Exploitation vector: Adjacent network
Exploit availability: No public exploit available
Vendor: Red Hat Inc.
Affected software:
Ceph

Detailed vulnerability description

The vulnerability allows an adjacent attacker to conduct a replay attack on the target system.

The vulnerability exists in the Ceph master, mimic, luminous and jewel branches because the cephx authentication protocol did not verify Ceph clients correctly. An adjacent attacker with access to the Ceph cluster network who is able to sniff packets on that network can authenticate with the Ceph service, perform actions allowed by the Ceph service, conduct a replay attack and bypass security restrictions.


How to mitigate CVE-2018-1128

Install the update from the vendor's website.

Sources