Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-1759

Опубликовано: 13 апр. 2020
Источник: nvd
CVSS3: 6.4
CVSS3: 6.8
CVSS2: 5.8
EPSS Низкий

Описание

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift:4.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:15:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*
Версия до 14.2.21 (исключая)
Конфигурация 3
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

EPSS

Процентиль: 61%
0.00412
Низкий

6.4 Medium

CVSS3

6.8 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-323
CWE-330

Связанные уязвимости

ubuntu логотип

CVE-2020-1759

CVSS3: 6.4
ubuntu
почти 6 лет назад

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.

redhat логотип

CVE-2020-1759

CVSS3: 6.4
redhat
почти 6 лет назад

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.

debian логотип

CVE-2020-1759

CVSS3: 6.4
debian
почти 6 лет назад

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Opensh ...

github логотип

GHSA-hcpq-vw4g-3vmh

github
больше 3 лет назад

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.

suse-cvrf логотип

openSUSE-SU-2020:0494-1

suse-cvrf
почти 6 лет назад

Security update for ceph

EPSS

Процентиль: 61%
0.00412
Низкий

6.4 Medium

CVSS3

6.8 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-323
CWE-330