Description
It was found that the cephx authentication protocol did not verify Ceph clients correctly and was vulnerable to a replay attack. Any attacker with access to the Ceph cluster network who is able to sniff packets on the network can use this vulnerability to authenticate with the Ceph service and perform actions allowed by the Ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.
References (12)
Third Party Advisory (vendor-advisory, x_refsource_redhat): https://access.redhat.com/errata/RHSA-2018:2261
Third Party Advisory (vendor-advisory, x_refsource_redhat): https://access.redhat.com/errata/RHSA-2018:2177
Patch, Third Party Advisory (x_refsource_confirm): https://github.com/ceph/ceph/commit/5ead97120e07054d80623dada90a5cc764c28468
Third Party Advisory (vendor-advisory, x_refsource_redhat): https://access.redhat.com/errata/RHSA-2018:2179
Third Party Advisory (vendor-advisory, x_refsource_redhat): https://access.redhat.com/errata/RHSA-2018:2274
Third Party Advisory (vendor-advisory, x_refsource_debian): https://www.debian.org/security/2018/dsa-4339
Mailing List, Third Party Advisory (mailing-list, x_refsource_mlist): https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
Issue Tracking, Vendor Advisory (x_refsource_confirm): http://tracker.ceph.com/issues/24836
Issue Tracking, Patch, Third Party Advisory (x_refsource_confirm): https://bugzilla.redhat.com/show_bug.cgi?id=1575866
Third Party Advisory (vendor-advisory, x_refsource_suse): http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00100.html
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2020/11/17/3
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2020/11/17/4
Scores
CVSS v3: 7.5
EPSS: 0.0137
EPSS Percentile: 68.3%
Attack Vector: ADJACENT_NETWORK
Vector string: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-287, CWE-294
Status: published
Products (13)
debian/debian_linux 8.0
debian/debian_linux 9.0
opensuse/leap 15.0
redhat/ceph 10.2.0 - 13.2.1
redhat/ceph_storage 3
redhat/ceph_storage_mon 2
redhat/ceph_storage_mon 3
redhat/ceph_storage_osd 2
redhat/ceph_storage_osd 3
redhat/enterprise_linux 7.0
... and 3 more
Published: Jul 10, 2018
Tracked Since: Feb 18, 2026