CVE-2018-1128
moderate-risk
Published 2018-07-10
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.
Do I need to act?
-
0.98% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
ADJACENT_NETWORK
/ HIGH complexity
Affected Products (13)
Ceph Storage Mon
Ceph Storage Mon
Ceph Storage Osd
Ceph Storage Osd
Ceph
References (24)
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html
Issue Tracking
http://tracker.ceph.com/issues/24836
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2177
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2179
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2261
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2274
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1575866
Third Party Advisory
https://www.debian.org/security/2018/dsa-4339
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html
Issue Tracking
http://tracker.ceph.com/issues/24836
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2177
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2179
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2261
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2274
and 4 more references
40
/ 100
moderate-risk
Severity
20/34 · Moderate
Exploitability
3/34 · Minimal
Exposure
17/34 · Moderate