CVE-2018-1128

CWE-294CWE-287Improper Authentication13 documents8 sources
Severity
7.5HIGH
EPSS
1.0%
top 23.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
11
Redhat CephRED Hat, Inc. CephDebian Debian Linux+8 more
Timeline
PublishedJul 10
Latest updateMay 13

Description

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.

CVSS vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages12 packages

Debianceph< 12.2.8+dfsg1-1+3
NVDredhat/ceph10.2.013.2.1
CVEListV5cephAll ceph versions before 15.2.6 and before 14.2.14
CVEListV5red_hat,_inc./cephAll versions in branches master, mimic, luminous and jewel

Also affects: Debian Linux 8.0, 9.0, Enterprise Linux 7.0

Patches

Patch: bugzilla.redhat.comPatch: github.comPatch: bugzilla.redhat.com

🔴Vulnerability Details

5
GHSA
GHSA-xw3f-9qfw-v43f: It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack2022-05-13
OSV
ceph vulnerabilities2021-01-28
Kernel
libceph: add authorizer challenge2018-07-27
OSV
CVE-2018-1128: It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack2018-07-10
CVEList
CVE-2018-1128: It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack2018-07-10

📋Vendor Advisories

3
Red Hat
ceph: CEPHX_V2 replay attack protection lost2020-11-17
Red Hat
ceph: cephx protocol is vulnerable to replay attack2018-07-09
Debian
CVE-2018-1128: ceph - It was found that cephx authentication protocol did not verify ceph clients corr...2018

💬Community

4
Bugzilla
CVE-2020-25660 ceph: CEPHX_V2 replay attack protection lost2020-10-22
Bugzilla
CVE-2018-1000408 jenkins: Ephemeral user record creation2018-10-25
Bugzilla
CVE-2018-1128 ceph: cephx protocol is vulnerable to replay attack [fedora-all]2018-07-09
Bugzilla
CVE-2018-1128 ceph: cephx protocol is vulnerable to replay attack2018-05-08
CVE-2018-1128 (HIGH CVSS 7.5) | It was found that cephx authenticat | cvebase.io