Key Length Flaw in Red Hat Ceph Storage Allows for Encryption Exploitation

Key Length Flaw in Red Hat Ceph Storage Allows for Encryption Exploitation

CVE-2021-3979 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.

Learn more about our Web Application Penetration Testing UK.