GSD-2020-1759 — Vulnetix

GSD-2020-1759 PUBLISHED CVSS 6.400000095367432 MEDIUM

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.

Risk Scores

CVSS v3.1

6.400000095367432

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected Products

Vendor	Product	Versions
The Ceph Project	ceph	,

Timeline

Apr 6, 2020 CVE Published
Apr 1, 2026 Security Advisory

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1759 url
FEDORA-2020-81b9c6cddc vendor-advisory
GLSA-202105-39 advisory

Open in Interactive Console →