公告ID: KYLIN-2020-1759
安全等级: 中等
产品: Kylin V3
发布日期: 2020年4月6日
CVE: CVE-2020-1759
CVSS3评分: 6.4
概述:
Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 are affected by this vulnerability as reuse of a nonce is possible with the shipped versions of ceph. 描述:
A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. 系统版本:
KYLIN 3.4.x
受影响包列表:
ceph