A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ceph_storage | Redhat | 3.0 (including) | 3.0 (including) |
Ceph_storage | Redhat | 4.3 (including) | 4.3 (including) |
Ceph_storage | Redhat | 5.1 (including) | 5.1 (including) |
Openshift_container_storage | Redhat | 4.0 (including) | 4.0 (including) |
Openshift_data_foundation | Redhat | 4.0 (including) | 4.0 (including) |
Openstack_platform | Redhat | 13.0 (including) | 13.0 (including) |
Ceph_storage_for_ibm_z_systems | Redhat | 4.0 (including) | 4.0 (including) |