Use of insufficiently random values in Ceph - CVE-2020-1759
Published: April 13, 2020 / Updated: July 24, 2020
Vulnerability identifier: #VU31809
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2020-1759
CWE-ID: CWE-330
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Red Hat Inc.
Affected software:
Ceph
Ceph
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.
How to mitigate CVE-2020-1759
Install update from vendor's website.