Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2020-1759
HistoryApr 13, 2020 - 1:15 p.m.

CVE-2020-1759

2020-04-1313:15:13
CWE-323
CWE-330
[email protected]
web.nvd.nist.gov
2

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

6.3 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.2%

JSON

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.

Affected configurations

NVD
Node
redhatceph_storageMatch4.0
OR
redhatopenshiftMatch4.2
OR
redhatopenstackMatch15
Node
linuxfoundationcephRange<14.2.21
Node
fedoraprojectfedoraMatch31

Related

alpinelinux 1
veracode 1
ubuntucve 1
osv 1
debiancve 1
cvelist 1
prion 1
redhatcve 1
cve 1
openvas 3
nessus 5
suse 1
fedora 1
freebsd 1
archlinux 1
gentoo 1
alpinelinux
alpinelinux
CVE-2020-1759
2020-04-13 13:15:13
veracode
veracode
Nonce Reuse
2020-08-06 21:35:36
ubuntucve
ubuntucve
CVE-2020-1759
2020-04-13 00:00:00
osv
osv
CVE-2020-1759
2020-04-13 13:15:13
debiancve
debiancve
CVE-2020-1759
2020-04-13 13:15:13
cvelist
cvelist
CVE-2020-1759
2020-04-13 12:04:04
prion
prion
Code injection
2020-04-13 13:15:00
redhatcve
redhatcve
CVE-2020-1759
2020-04-07 07:05:37
cve
cve
CVE-2020-1759
2020-04-13 13:15:13
openvas
openvas
openSUSE: Security Advisory for ceph (openSUSE-SU-2020:0494-1)
2020-04-11 00:00:00
Fedora: Security Advisory for ceph (FEDORA-2020-81b9c6cddc)
2020-05-11 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0930-1)
2021-06-09 00:00:00
nessus
nessus
Fedora 31 : 2:ceph (2020-81b9c6cddc)
2020-05-07 00:00:00
SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2020:0930-1)
2020-04-07 00:00:00
FreeBSD : ceph14 -- multiple security issues (5b6bc863-89dc-11ea-af8b-00155d0a0200)
2020-04-30 00:00:00
suse
suse
Security update for ceph (important)
2020-04-10 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: ceph-14.2.9-1.fc31
2020-05-07 04:21:05
freebsd
freebsd
ceph14 -- multiple security issues
2020-04-07 00:00:00
archlinux
archlinux
[ASA-202011-22] ceph: multiple issues
2020-11-26 00:00:00
gentoo
gentoo
Ceph: Multiple vulnerabilities
2021-05-26 00:00:00

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

6.3 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.2%

JSON
Related for NVD:CVE-2020-1759
alpinelinux1veracode1ubuntucve1osv1debiancve1cvelist1prion1redhatcve1cve1openvas3nessus5suse1fedora1freebsd1archlinux1gentoo1