ID CVE-2020-1759
Summary A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol in Red Hat Ceph Storage 4 and Red Hat OpenShift Container Storage 4.2. By leveraging the reuse of a nonce in a session, an attacker can forge auth tags and potentially manipulate the data. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openshift:4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openstack:15:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:-:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:12.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:13.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:13.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:13.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:13.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:13.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:13.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:13.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:13.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:13.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:13.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:13.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.15:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.17:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.19:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:ceph:14.2.20:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
CVSS
Base: 5.8 (as of 04-08-2021 - 17:15)
Impact:
Exploitability:
CWE CWE-323
CAPEC
Access
Vector: NETWORK
Complexity: MEDIUM
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:N
redhat via4
rpms
  • ceph-ansible-0:4.0.31-1.el7cp
  • ceph-ansible-0:4.0.31-1.el8cp
  • ceph-base-2:14.2.8-111.el7cp
  • ceph-base-2:14.2.8-111.el8cp
  • ceph-base-debuginfo-2:14.2.8-111.el8cp
  • ceph-common-2:14.2.8-111.el7cp
  • ceph-common-2:14.2.8-111.el8cp
  • ceph-common-debuginfo-2:14.2.8-111.el8cp
  • ceph-debuginfo-2:14.2.8-111.el7cp
  • ceph-debugsource-2:14.2.8-111.el8cp
  • ceph-fuse-2:14.2.8-111.el7cp
  • ceph-fuse-2:14.2.8-111.el8cp
  • ceph-fuse-debuginfo-2:14.2.8-111.el8cp
  • ceph-grafana-dashboards-2:14.2.8-111.el7cp
  • ceph-grafana-dashboards-2:14.2.8-111.el8cp
  • ceph-mds-2:14.2.8-111.el7cp
  • ceph-mds-2:14.2.8-111.el8cp
  • ceph-mds-debuginfo-2:14.2.8-111.el8cp
  • ceph-mgr-2:14.2.8-111.el7cp
  • ceph-mgr-2:14.2.8-111.el8cp
  • ceph-mgr-dashboard-2:14.2.8-111.el7cp
  • ceph-mgr-dashboard-2:14.2.8-111.el8cp
  • ceph-mgr-debuginfo-2:14.2.8-111.el8cp
  • ceph-mgr-diskprediction-local-2:14.2.8-111.el7cp
  • ceph-mgr-diskprediction-local-2:14.2.8-111.el8cp
  • ceph-mgr-k8sevents-2:14.2.8-111.el7cp
  • ceph-mgr-k8sevents-2:14.2.8-111.el8cp
  • ceph-mgr-rook-2:14.2.8-111.el7cp
  • ceph-mgr-rook-2:14.2.8-111.el8cp
  • ceph-mon-2:14.2.8-111.el7cp
  • ceph-mon-2:14.2.8-111.el8cp
  • ceph-mon-debuginfo-2:14.2.8-111.el8cp
  • ceph-osd-2:14.2.8-111.el7cp
  • ceph-osd-2:14.2.8-111.el8cp
  • ceph-osd-debuginfo-2:14.2.8-111.el8cp
  • ceph-radosgw-2:14.2.8-111.el7cp
  • ceph-radosgw-2:14.2.8-111.el8cp
  • ceph-radosgw-debuginfo-2:14.2.8-111.el8cp
  • ceph-selinux-2:14.2.8-111.el7cp
  • ceph-selinux-2:14.2.8-111.el8cp
  • ceph-test-2:14.2.8-111.el7cp
  • ceph-test-2:14.2.8-111.el8cp
  • ceph-test-debuginfo-2:14.2.8-111.el8cp
  • libcephfs-devel-2:14.2.8-111.el7cp
  • libcephfs-devel-2:14.2.8-111.el8cp
  • libcephfs2-2:14.2.8-111.el7cp
  • libcephfs2-2:14.2.8-111.el8cp
  • libcephfs2-debuginfo-2:14.2.8-111.el8cp
  • librados-devel-2:14.2.8-111.el7cp
  • librados-devel-2:14.2.8-111.el8cp
  • librados-devel-debuginfo-2:14.2.8-111.el8cp
  • librados2-2:14.2.8-111.el7cp
  • librados2-2:14.2.8-111.el8cp
  • librados2-debuginfo-2:14.2.8-111.el8cp
  • libradospp-devel-2:14.2.8-111.el7cp
  • libradospp-devel-2:14.2.8-111.el8cp
  • libradosstriper1-2:14.2.8-111.el7cp
  • libradosstriper1-2:14.2.8-111.el8cp
  • libradosstriper1-debuginfo-2:14.2.8-111.el8cp
  • librbd-devel-2:14.2.8-111.el7cp
  • librbd-devel-2:14.2.8-111.el8cp
  • librbd1-2:14.2.8-111.el7cp
  • librbd1-2:14.2.8-111.el8cp
  • librbd1-debuginfo-2:14.2.8-111.el8cp
  • librgw-devel-2:14.2.8-111.el7cp
  • librgw-devel-2:14.2.8-111.el8cp
  • librgw2-2:14.2.8-111.el7cp
  • librgw2-2:14.2.8-111.el8cp
  • librgw2-debuginfo-2:14.2.8-111.el8cp
  • python-ceph-argparse-2:14.2.8-111.el7cp
  • python-cephfs-2:14.2.8-111.el7cp
  • python-rados-2:14.2.8-111.el7cp
  • python-rbd-2:14.2.8-111.el7cp
  • python-rgw-2:14.2.8-111.el7cp
  • python3-ceph-argparse-2:14.2.8-111.el8cp
  • python3-cephfs-2:14.2.8-111.el8cp
  • python3-cephfs-debuginfo-2:14.2.8-111.el8cp
  • python3-rados-2:14.2.8-111.el8cp
  • python3-rados-debuginfo-2:14.2.8-111.el8cp
  • python3-rbd-2:14.2.8-111.el8cp
  • python3-rbd-debuginfo-2:14.2.8-111.el8cp
  • python3-rgw-2:14.2.8-111.el8cp
  • python3-rgw-debuginfo-2:14.2.8-111.el8cp
  • rbd-fuse-debuginfo-2:14.2.8-111.el8cp
  • rbd-mirror-2:14.2.8-111.el7cp
  • rbd-mirror-2:14.2.8-111.el8cp
  • rbd-mirror-debuginfo-2:14.2.8-111.el8cp
  • rbd-nbd-2:14.2.8-111.el7cp
  • rbd-nbd-2:14.2.8-111.el8cp
  • rbd-nbd-debuginfo-2:14.2.8-111.el8cp
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1759
fedora FEDORA-2020-81b9c6cddc
Last major update 04-08-2021 - 17:15
Published 13-04-2020 - 13:15
Last modified 04-08-2021 - 17:15