Skip to main content

Ceph Storage CVE-2018-1128

HIGH
Authentication Bypass by Capture-replay (CWE-294)
2018-07-10 secalert@redhat.com
7.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Jul 10, 2018 - 14:29 nvd
HIGH 7.5

DescriptionNVD

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.

AnalysisAI

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Rated high severity (CVSS 7.5), this vulnerability is no authentication required.

Technical ContextAI

This vulnerability is classified under CWE-294. It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. Affected products include: Redhat Ceph Storage, Redhat Ceph Storage Mon, Redhat Ceph Storage Osd, Redhat Enterprise Linux, Redhat Enterprise Linux Desktop.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2023-48795 MEDIUM POC
5.9 Dec 18

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot

CVE-2022-26148 CRITICAL POC
9.8 Mar 21

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. Rated critical severity (CVSS 9.8), this

CVE-2018-14649 CRITICAL POC
9.8 Oct 09

It was found that ceph-isci-cli package as shipped by Red Hat Ceph Storage 2 and 3 is using python-werkzeug in debug she

CVE-2018-15727 CRITICAL POC
9.8 Aug 29

Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generat

CVE-2025-13601 HIGH POC
7.7 Nov 26

Heap-based buffer overflow in GLib's g_escape_uri_string() function allows local attackers to achieve high-integrity and

CVE-2016-7031 HIGH POC
7.5 Oct 03

The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list

CVE-2021-3509 MEDIUM POC
6.1 May 27

A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. Rated medium severity (CVSS 6.1), this vulnerabi

CVE-2021-20236 CRITICAL
9.8 May 28

A flaw was found in the ZeroMQ server in versions before 4.3.3. Rated critical severity (CVSS 9.8), this vulnerability i

CVE-2020-12458 MEDIUM POC
5.5 Apr 29

An information-disclosure flaw was found in Grafana through 6.7.3. Rated medium severity (CVSS 5.5), this vulnerability

CVE-2022-0670 CRITICAL
9.1 Jul 25

A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manil

CVE-2021-4048 CRITICAL
9.1 Dec 08

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.

CVE-2020-25660 HIGH
8.8 Nov 23

A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not ve

Share

CVE-2018-1128 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy