CVE-2020-1759

Description

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.

CVSS Metrics

• v3.1•MEDIUM•Score: 6.4CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
• v3.1•MEDIUM•Score: 6.8CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
• v2.0•MEDIUM•Score: 5.8AV:N/AC:M/Au:N/C:P/I:P/A:N

EPSS Trends

Current EPSS score: 0.41%• Percentile: 62%

Techniques & Countermeasures

• CWE-330•Use of Insufficiently Random Values

  The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

• CWE-323•Reusing a Nonce, Key Pair in Encryption

  Nonces should be used for the present occasion and only once.

Affected Systems

• fedoraproject•fedora

  31

• linuxfoundation•ceph

  < 14.2.21

• redhat•ceph_storage

  4.0

• redhat•openshift

  4.2

• redhat•openstack

  15

• the ceph project•ceph

  Red Hat Ceph Storage 4 | Red Hat Openshift Container Storage 4.2

References (3)

• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1759
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE/
• https://security.gentoo.org/glsa/202105-39