CVE-2018-1128 vulnerability in Red Hat and Other Products
Published on July 10, 2018

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Weakness Type

Authentication Bypass by Capture-replay

A capture-replay flaw exists when the design of the software makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes). Capture-replay attacks are common and can be difficult to defeat without cryptography. They are a subset of network injection attacks that rely on observing previously-sent valid commands, then changing them slightly if necessary and resending the same commands to the server.

Products Associated with CVE-2018-1128

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-1128 are published in these products:

Red Hat Ceph

Red Hat Ceph Storage

Red Hat Ceph Storage Mon

Red Hat Ceph Storage Osd

Debian Linux

OpenSuse Leap

Red Hat Enterprise Linux (RHEL)

Red Hat Enterprise Linux Desktop

Red Hat Enterprise Linux Server

Red Hat Enterprise Linux Workstation

Affected Versions

Red Hat, Inc. ceph Version All versions in branches master, mimic, luminous and jewel is affected by CVE-2018-1128

Exploit Probability

EPSS

0.98%

Percentile

76.41%