CVE-2018-1128: It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph…

high7.5CVSS 3.1

AVAACHPRNUINSUCHIHAH

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.

Affected

36 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	ceph	< ceph 14.2.15-1 (bookworm)	ceph 14.2.15-1 (bookworm)
debian	ceph	< ceph 12.2.8+dfsg1-1 (bookworm)	ceph 12.2.8+dfsg1-1 (bookworm)
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	linux	< ceph 12.2.8+dfsg1-1 (bookworm)	ceph 12.2.8+dfsg1-1 (bookworm)
fedoraproject	fedora	—	—
linux	linux_kernel	>= 0 < 4.19.9-1	4.19.9-1
linux	linux_kernel	>= 0 < 4.19.9-1	4.19.9-1
linux	linux_kernel	>= 0 < 4.19.9-1	4.19.9-1
linux	linux_kernel	>= 0 < 4.19.9-1	4.19.9-1
linuxfoundation	ceph	>= 0 < 15.2.7-0ubuntu0.20.04.2	15.2.7-0ubuntu0.20.04.2
opensuse	leap	—	—
redhat	ceph	< 14.2.14	14.2.14
redhat	ceph	—	—
redhat	ceph	>= 0 < 12.2.8+dfsg1-1	12.2.8+dfsg1-1
redhat	ceph	>= 0 < 14.2.15-1	14.2.15-1
redhat	ceph	>= 0 < 12.2.8+dfsg1-1	12.2.8+dfsg1-1
redhat	ceph	>= 0 < 14.2.15-1	14.2.15-1
redhat	ceph	>= 0 < 12.2.8+dfsg1-1	12.2.8+dfsg1-1
redhat	ceph	>= 0 < 14.2.15-1	14.2.15-1
redhat	ceph	>= 0 < 12.2.8+dfsg1-1	12.2.8+dfsg1-1
redhat	ceph	>= 0 < 14.2.15-1	14.2.15-1
redhat	ceph	10.2.0 – 13.2.1	—
redhat	ceph	>= 15.0.0 < 15.2.6	15.2.6
redhat	ceph_storage	—	—

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

nvdv3.07.5HIGHCVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

osv7.5HIGH