CVE-2018-1129

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.

References

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html

http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html

http://tracker.ceph.com/issues/24837

https://access.redhat.com/errata/RHSA-2018:2177

https://access.redhat.com/errata/RHSA-2018:2179

https://access.redhat.com/errata/RHSA-2018:2261

https://access.redhat.com/errata/RHSA-2018:2274

https://bugzilla.redhat.com/show_bug.cgi?id=1576057

https://github.com/ceph/ceph/commit/8f396cf35a3826044b089141667a196454c0a587

https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html

https://www.debian.org/security/2018/dsa-4339

Details

Source: MITRE

Published: 2018-07-10

Updated: 2019-08-29

Type: CWE-287

Risk Information

CVSS v2

Base Score: 3.3

Vector: AV:A/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 6.5

Severity: LOW

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:redhat:ceph_storage:1.3:*:*:*:*:*:*:*

cpe:2.3:a:redhat:ceph_storage:3:*:*:*:*:*:*:*

cpe:2.3:a:redhat:ceph_storage_mon:2:*:*:*:*:*:*:*

cpe:2.3:a:redhat:ceph_storage_mon:3:*:*:*:*:*:*:*

cpe:2.3:a:redhat:ceph_storage_osd:2:*:*:*:*:*:*:*

cpe:2.3:a:redhat:ceph_storage_osd:3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:ceph:ceph:10.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:10.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:10.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:10.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:10.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:10.2.5:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:10.2.6:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:10.2.7:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:10.2.8:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:10.2.9:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:10.2.10:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:10.2.11:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:12.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:12.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:12.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:12.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:12.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:12.2.5:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:12.2.6:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:12.2.7:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:13.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ceph:ceph:13.2.1:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*

Tenable Plugins

View all (19 total)

IDNameProductFamilySeverity
132360EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2693)NessusHuawei Local Security Checks
high
125282SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1287-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)NessusSuSE Local Security Checks
high
124358openSUSE Security Update : ceph (openSUSE-2019-1284)NessusSuSE Local Security Checks
high
123329openSUSE Security Update : the Linux Kernel (openSUSE-2019-769)NessusSuSE Local Security Checks
high
122879Debian DLA-1715-1 : linux-4.9 security update (Spectre)NessusDebian Local Security Checks
high
122809SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2019:0586-1)NessusSuSE Local Security Checks
high
120338Fedora 28 : 1:ceph (2018-327707371e)NessusFedora Local Security Checks
high
120118SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2018:2980-1)NessusSuSE Local Security Checks
high
118939Debian DSA-4339-1 : ceph - security updateNessusDebian Local Security Checks
high
117988openSUSE Security Update : the Linux Kernel (openSUSE-2018-1140)NessusSuSE Local Security Checks
high
117800SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2858-1)NessusSuSE Local Security Checks
high
117629SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:2776-1)NessusSuSE Local Security Checks
high
117523openSUSE Security Update : the Linux Kernel (openSUSE-2018-1016)NessusSuSE Local Security Checks
high
112079SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2018:2478-1)NessusSuSE Local Security Checks
high
111635openSUSE Security Update : ceph (openSUSE-2018-854)NessusSuSE Local Security Checks
high
111559Fedora 27 : 1:ceph (2018-8738f5f4a7)NessusFedora Local Security Checks
high
111548SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2018:2193-1)NessusSuSE Local Security Checks
high
111364RHEL 7 : Red Hat Ceph Storage 2.5 (RHSA-2018:2261)NessusRed Hat Local Security Checks
high
111145RHEL 7 : Red Hat Ceph Storage 3.0 (RHSA-2018:2177)NessusRed Hat Local Security Checks
high