{"api_version":"1","generated_at":"2026-04-22T19:07:40+00:00","cve":"CVE-2021-20288","urls":{"html":"https://cve.report/CVE-2021-20288","api":"https://cve.report/api/cve/CVE-2021-20288.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-20288","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-20288"},"summary":{"title":"CVE-2021-20288","description":"An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2021-04-15 15:15:00","updated_at":"2023-11-07 03:29:00"},"problem_types":["CWE-287"],"metrics":[],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1938031","name":"https://bugzilla.redhat.com/show_bug.cgi?id=1938031","refsource":"MISC","tags":[],"title":"1938031 – (CVE-2021-20288) CVE-2021-20288 ceph: Unauthorized global_id reuse in cephx","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html","name":"[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3629-1] ceph security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/362CEPPYF3YMJZBEJQUT3KDE2EHYYIYQ/","name":"FEDORA-2021-e29c1ee892","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 34 Update: ceph-16.2.1-1.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVWUKUUS5BCIFWRV3JCUQMAPJ4HIWSED/","name":"FEDORA-2021-168fbed46f","refsource":"","tags":[],"title":"[SECURITY] Fedora 32 Update: ceph-14.2.20-1.fc32 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/362CEPPYF3YMJZBEJQUT3KDE2EHYYIYQ/","name":"FEDORA-2021-e29c1ee892","refsource":"","tags":[],"title":"[SECURITY] Fedora 34 Update: ceph-16.2.1-1.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BPIAYTRCWAU4XWCDBK2THEFVXSC4XGK/","name":"FEDORA-2021-e65b9fb52e","refsource":"","tags":[],"title":"[SECURITY] Fedora 33 Update: ceph-15.2.11-1.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5BPIAYTRCWAU4XWCDBK2THEFVXSC4XGK/","name":"FEDORA-2021-e65b9fb52e","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 33 Update: ceph-15.2.11-1.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202105-39","name":"GLSA-202105-39","refsource":"GENTOO","tags":[],"title":"Ceph: Multiple vulnerabilities (GLSA 202105-39) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JVWUKUUS5BCIFWRV3JCUQMAPJ4HIWSED/","name":"FEDORA-2021-168fbed46f","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 32 Update: ceph-14.2.20-1.fc32 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-20288","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20288","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"20288","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"32","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"20288","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"33","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"20288","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"34","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"20288","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"linuxfoundation","cpe5":"ceph","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"20288","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"ceph_storage","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-20288","qid":"174975","title":"SUSE Enterprise Linux Security Update for ceph (SUSE-SU-2021:1473-1)"},{"cve":"CVE-2021-20288","qid":"174976","title":"SUSE Enterprise Linux Security Update for ceph (SUSE-SU-2021:1474-1)"},{"cve":"CVE-2021-20288","qid":"180513","title":"Debian Security Update for ceph (CVE-2021-20288)"},{"cve":"CVE-2021-20288","qid":"198423","title":"Ubuntu Security Notification for Ceph vulnerabilities (USN-4998-1)"},{"cve":"CVE-2021-20288","qid":"198554","title":"Ubuntu Security Notification for Ceph Vulnerabilities (USN-5128-1)"},{"cve":"CVE-2021-20288","qid":"239428","title":"Red Hat Update for Red Hat Ceph Storage 4.2 (RHSA-2021:2445)"},{"cve":"CVE-2021-20288","qid":"281282","title":"Fedora Security Update for ceph (FEDORA-2021-168fbed46f)"},{"cve":"CVE-2021-20288","qid":"281287","title":"Fedora Security Update for ceph (FEDORA-2021-e65b9fb52e)"},{"cve":"CVE-2021-20288","qid":"281288","title":"Fedora Security Update for ceph (FEDORA-2021-e29c1ee892)"},{"cve":"CVE-2021-20288","qid":"500844","title":"Alpine Linux Security Update for ceph"},{"cve":"CVE-2021-20288","qid":"501810","title":"Alpine Linux Security Update for ceph"},{"cve":"CVE-2021-20288","qid":"502828","title":"Alpine Linux Security Update for ceph16"},{"cve":"CVE-2021-20288","qid":"6000278","title":"Debian Security Update for ceph (DLA 3629-1)"},{"cve":"CVE-2021-20288","qid":"710075","title":"Gentoo Linux Ceph Multiple vulnerabilities (GLSA 202105-39)"},{"cve":"CVE-2021-20288","qid":"750229","title":"OpenSUSE Security Update for ceph (openSUSE-SU-2021:0672-1)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-20288","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"ceph","version":{"version_data":[{"version_value":"ceph 14.2.20"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-287"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=1938031","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1938031"},{"refsource":"FEDORA","name":"FEDORA-2021-e29c1ee892","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/362CEPPYF3YMJZBEJQUT3KDE2EHYYIYQ/"},{"refsource":"FEDORA","name":"FEDORA-2021-e65b9fb52e","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5BPIAYTRCWAU4XWCDBK2THEFVXSC4XGK/"},{"refsource":"FEDORA","name":"FEDORA-2021-168fbed46f","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JVWUKUUS5BCIFWRV3JCUQMAPJ4HIWSED/"},{"refsource":"GENTOO","name":"GLSA-202105-39","url":"https://security.gentoo.org/glsa/202105-39"},{"refsource":"MLIST","name":"[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update","url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"}]},"description":{"description_data":[{"lang":"eng","value":"An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."}]}},"nvd":{"publishedDate":"2021-04-15 15:15:00","lastModifiedDate":"2023-11-07 03:29:00","problem_types":["CWE-287"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":6.5},"severity":"MEDIUM","exploitabilityScore":8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*","versionEndExcluding":"14.2.21","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:ceph_storage:4.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"20288","Ordinal":"194329","Title":"CVE-2021-20288","CVE":"CVE-2021-20288","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"20288","Ordinal":"1","NoteData":"An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"20288","Ordinal":"2","NoteData":"2021-04-15","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"20288","Ordinal":"3","NoteData":"2021-05-26","Type":"Other","Title":"Modified"}]}}}