Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-3979

Опубликовано: 25 авг. 2022
Источник: nvd
CVSS3: 6.5
EPSS Низкий

Описание

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage:4.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage:5.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_storage:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:ceph_storage_for_ibm_z_systems:4.0:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage_for_power:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

Одно из

cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:ceph_storage_for_power:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

EPSS

Процентиль: 42%
0.00199
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-327
CWE-287

Связанные уязвимости

ubuntu логотип

CVE-2021-3979

CVSS3: 6.5
ubuntu
почти 3 года назад

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.

redhat логотип

CVE-2021-3979

CVSS3: 6.5
redhat
больше 3 лет назад

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.

debian логотип

CVE-2021-3979

CVSS3: 6.5
debian
почти 3 года назад

A key length flaw was found in Red Hat Ceph Storage. An attacker can e ...

suse-cvrf логотип

SUSE-SU-2022:4501-1

suse-cvrf
больше 2 лет назад

Security update for ceph

suse-cvrf логотип

SUSE-SU-2022:2818-1

suse-cvrf
почти 3 года назад

Security update for ceph

EPSS

Процентиль: 42%
0.00199
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-327
CWE-287