CVE-2020-1759
MEDIUM6.8EPSS 0.41%發布日:2020/4/13修改日:2026/3/20
也稱為:BIT-ceph-2020-1759DEBIAN-CVE-2020-1759
描述
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.
受影響套件(2)
- Bitnami/cephfrom 0, < 14.2.21
- Debian/cephfrom 0, < 14.2.9-1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.8 | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N |
參考連結(5)
- ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2020-1759
- WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1759
- WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE/
- WEBhttps://nvd.nist.gov/vuln/detail/CVE-2020-1759
- WEBhttps://security.gentoo.org/glsa/202105-39