A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability exists in the secure mode of the messenger v2 protocol, which can allow an malicious user to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat openshift 4.2 |
||
redhat ceph storage 4.0 |
||
redhat openstack 15 |
||
linuxfoundation ceph |
||
fedoraproject fedora 31 |