Search criteria
116 vulnerabilities found for keystone by openstack
CVE-2025-65073 (GCVE-0-2025-65073)
Vulnerability from cvelistv5 – Published: 2025-11-17 00:00 – Updated: 2025-11-17 23:04
VLAI?
Summary
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization.
Severity ?
7.5 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-65073",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-17T16:34:17.189065Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T16:34:52.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-17T23:04:04.827Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/17/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Keystone",
"vendor": "OpenStack",
"versions": [
{
"lessThan": "26.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "affected",
"version": "27.0.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "28.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"versionEndExcluding": "26.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"versionEndIncluding": "27.0.0",
"versionStartIncluding": "27.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"versionEndIncluding": "28.0.0",
"versionStartIncluding": "28.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T07:44:20.582Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.openwall.com/lists/oss-security/2025/11/04/2"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-65073",
"datePublished": "2025-11-17T00:00:00.000Z",
"dateReserved": "2025-11-17T00:00:00.000Z",
"dateUpdated": "2025-11-17T23:04:04.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-2447 (GCVE-0-2022-2447)
Vulnerability from cvelistv5 – Published: 2022-09-01 20:30 – Updated: 2024-08-03 00:39
VLAI?
Summary
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | openstack-keystone |
Affected:
openstack-keystone as shipped in Red Hat OpenStack 16.1 and 16.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:07.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105419"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2022-2447"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "openstack-keystone",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "openstack-keystone as shipped in Red Hat OpenStack 16.1 and 16.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-324",
"description": "CWE-324",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-19T19:55:57",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105419"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/CVE-2022-2447"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-2447",
"datePublished": "2022-09-01T20:30:20",
"dateReserved": "2022-07-16T00:00:00",
"dateUpdated": "2024-08-03T00:39:07.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3563 (GCVE-0-2021-3563)
Vulnerability from cvelistv5 – Published: 2022-08-26 15:25 – Updated: 2025-02-13 16:28
VLAI?
Summary
A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity.
Severity ?
No CVSS data available.
CWE
- CWE-863 - - Incorrect Authorization
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:06.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ossa/+bug/1901891"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962908"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3563"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3563"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "keystone",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Not-known"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 - Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-21T23:06:23.893Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ossa/+bug/1901891"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962908"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3563"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3563"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3563",
"datePublished": "2022-08-26T15:25:41.000Z",
"dateReserved": "2021-05-21T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:28:24.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38155 (GCVE-0-2021-38155)
Vulnerability from cvelistv5 – Published: 2021-08-06 00:00 – Updated: 2024-08-04 01:37
VLAI?
Summary
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, any unauthenticated actor could both confirm the account exists and obtain that account's corresponding UUID, which might be leveraged for other unrelated attacks. All deployments enabling security_compliance.lockout_failure_attempts are affected.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:37:16.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://launchpad.net/bugs/1688137"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2021-003.html"
},
{
"name": "[oss-security] 20210810 [OSSA-2021-003] Keystone: Account name and UUID oracles in account locking (CVE-2021-38155)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/5"
},
{
"name": "[debian-lts-announce] 20240121 [SECURITY] [DLA 3714-1] keystone security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, any unauthenticated actor could both confirm the account exists and obtain that account\u0027s corresponding UUID, which might be leveraged for other unrelated attacks. All deployments enabling security_compliance.lockout_failure_attempts are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-21T23:06:26.719990",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://launchpad.net/bugs/1688137"
},
{
"url": "https://security.openstack.org/ossa/OSSA-2021-003.html"
},
{
"name": "[oss-security] 20210810 [OSSA-2021-003] Keystone: Account name and UUID oracles in account locking (CVE-2021-38155)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/5"
},
{
"name": "[debian-lts-announce] 20240121 [SECURITY] [DLA 3714-1] keystone security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38155",
"datePublished": "2021-08-06T00:00:00",
"dateReserved": "2021-08-06T00:00:00",
"dateUpdated": "2024-08-04T01:37:16.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12689 (GCVE-0-2020-12689)
Vulnerability from cvelistv5 – Published: 2020-05-06 23:43 – Updated: 2024-08-04 12:04
VLAI?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872735"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4480-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-02T15:06:18",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872735"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4480-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.openstack.org/ossa/OSSA-2020-004.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"name": "https://bugs.launchpad.net/keystone/+bug/1872735",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/keystone/+bug/1872735"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/05/06/5",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4480-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12689",
"datePublished": "2020-05-06T23:43:20",
"dateReserved": "2020-05-06T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12690 (GCVE-0-2020-12690)
Vulnerability from cvelistv5 – Published: 2020-05-06 23:43 – Updated: 2024-08-04 12:04
VLAI?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-005.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1873290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/6"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-005] Keystone: OAuth1 request token authorize silently ignores roles parameter (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/3"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-13T04:06:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-005.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1873290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/6"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-005] Keystone: OAuth1 request token authorize silently ignores roles parameter (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/3"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12690",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.openstack.org/ossa/OSSA-2020-005.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2020-005.html"
},
{
"name": "https://bugs.launchpad.net/keystone/+bug/1873290",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/keystone/+bug/1873290"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/05/06/6",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/6"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-005] Keystone: OAuth1 request token authorize silently ignores roles parameter (CVE PENDING)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/3"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa@%3Ccommits.druid.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12690",
"datePublished": "2020-05-06T23:43:10",
"dateReserved": "2020-05-06T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12691 (GCVE-0-2020-12691)
Vulnerability from cvelistv5 – Published: 2020-05-06 23:43 – Updated: 2024-08-04 12:04
VLAI?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872733"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-13T04:06:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872733"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.openstack.org/ossa/OSSA-2020-004.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/05/06/5",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"name": "https://bugs.launchpad.net/keystone/+bug/1872733",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/keystone/+bug/1872733"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa@%3Ccommits.druid.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12691",
"datePublished": "2020-05-06T23:43:01",
"dateReserved": "2020-05-06T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12692 (GCVE-0-2020-12692)
Vulnerability from cvelistv5 – Published: 2020-05-06 23:42 – Updated: 2024-08-04 12:04
VLAI?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-003.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872737"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/4"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-003] Keystone: Keystone does not check signature TTL of the EC2 credential auth method (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/1"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4480-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn\u0027t have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-02T15:06:19",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-003.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872737"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/4"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-003] Keystone: Keystone does not check signature TTL of the EC2 credential auth method (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/1"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4480-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12692",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn\u0027t have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.openstack.org/ossa/OSSA-2020-003.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2020-003.html"
},
{
"name": "https://bugs.launchpad.net/keystone/+bug/1872737",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/keystone/+bug/1872737"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/05/06/4",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/4"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-003] Keystone: Keystone does not check signature TTL of the EC2 credential auth method (CVE PENDING)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/1"
},
{
"name": "USN-4480-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4480-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12692",
"datePublished": "2020-05-06T23:42:42",
"dateReserved": "2020-05-06T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19687 (GCVE-0-2019-19687)
Vulnerability from cvelistv5 – Published: 2019-12-09 17:14 – Updated: 2024-08-05 02:25
VLAI?
Summary
OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users' credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.)
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1855080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://review.opendev.org/#/c/697355/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://review.opendev.org/#/c/697611/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://review.opendev.org/#/c/697731/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2019-006.html"
},
{
"name": "[oss-security] 20191211 [OSSA-2019-006] Keystone: Credentials API allows listing and retrieving of all users credentials (CVE-2019-19687)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/11/8"
},
{
"name": "RHSA-2019:4358",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4358"
},
{
"name": "USN-4262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4262-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users\u0027 credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-31T13:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1855080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://review.opendev.org/#/c/697355/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://review.opendev.org/#/c/697611/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://review.opendev.org/#/c/697731/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openstack.org/ossa/OSSA-2019-006.html"
},
{
"name": "[oss-security] 20191211 [OSSA-2019-006] Keystone: Credentials API allows listing and retrieving of all users credentials (CVE-2019-19687)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/11/8"
},
{
"name": "RHSA-2019:4358",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4358"
},
{
"name": "USN-4262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4262-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19687",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users\u0027 credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/keystone/+bug/1855080",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/keystone/+bug/1855080"
},
{
"name": "https://review.opendev.org/#/c/697355/",
"refsource": "MISC",
"url": "https://review.opendev.org/#/c/697355/"
},
{
"name": "https://review.opendev.org/#/c/697611/",
"refsource": "MISC",
"url": "https://review.opendev.org/#/c/697611/"
},
{
"name": "https://review.opendev.org/#/c/697731/",
"refsource": "MISC",
"url": "https://review.opendev.org/#/c/697731/"
},
{
"name": "https://security.openstack.org/ossa/OSSA-2019-006.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2019-006.html"
},
{
"name": "[oss-security] 20191211 [OSSA-2019-006] Keystone: Credentials API allows listing and retrieving of all users credentials (CVE-2019-19687)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/11/8"
},
{
"name": "RHSA-2019:4358",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:4358"
},
{
"name": "USN-4262-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4262-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19687",
"datePublished": "2019-12-09T17:14:14",
"dateReserved": "2019-12-09T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1572 (GCVE-0-2012-1572)
Vulnerability from cvelistv5 – Published: 2019-11-12 16:48 – Updated: 2024-08-06 19:01
VLAI?
Summary
OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space
Severity ?
No CVSS data available.
CWE
- extremely long passwords can crash Keystone
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:02.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1572"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Keystone",
"vendor": "keystone",
"versions": [
{
"status": "affected",
"version": "2014.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "extremely long passwords can crash Keystone",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T16:48:15",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1572"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1572",
"datePublished": "2019-11-12T16:48:15",
"dateReserved": "2012-03-12T00:00:00",
"dateUpdated": "2024-08-06T19:01:02.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-65073 (GCVE-0-2025-65073)
Vulnerability from nvd – Published: 2025-11-17 00:00 – Updated: 2025-11-17 23:04
VLAI?
Summary
OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization.
Severity ?
7.5 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-65073",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-17T16:34:17.189065Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T16:34:52.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-17T23:04:04.827Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/11/17/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Keystone",
"vendor": "OpenStack",
"versions": [
{
"lessThan": "26.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "affected",
"version": "27.0.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "28.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"versionEndExcluding": "26.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"versionEndIncluding": "27.0.0",
"versionStartIncluding": "27.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"versionEndIncluding": "28.0.0",
"versionStartIncluding": "28.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone authorization."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-17T07:44:20.582Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.openwall.com/lists/oss-security/2025/11/04/2"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-65073",
"datePublished": "2025-11-17T00:00:00.000Z",
"dateReserved": "2025-11-17T00:00:00.000Z",
"dateUpdated": "2025-11-17T23:04:04.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-2447 (GCVE-0-2022-2447)
Vulnerability from nvd – Published: 2022-09-01 20:30 – Updated: 2024-08-03 00:39
VLAI?
Summary
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | openstack-keystone |
Affected:
openstack-keystone as shipped in Red Hat OpenStack 16.1 and 16.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:07.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105419"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2022-2447"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "openstack-keystone",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "openstack-keystone as shipped in Red Hat OpenStack 16.1 and 16.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-324",
"description": "CWE-324",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-19T19:55:57",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105419"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/CVE-2022-2447"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-2447",
"datePublished": "2022-09-01T20:30:20",
"dateReserved": "2022-07-16T00:00:00",
"dateUpdated": "2024-08-03T00:39:07.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3563 (GCVE-0-2021-3563)
Vulnerability from nvd – Published: 2022-08-26 15:25 – Updated: 2025-02-13 16:28
VLAI?
Summary
A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity.
Severity ?
No CVSS data available.
CWE
- CWE-863 - - Incorrect Authorization
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:06.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ossa/+bug/1901891"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962908"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3563"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3563"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "keystone",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Not-known"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 - Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-21T23:06:23.893Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ossa/+bug/1901891"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962908"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3563"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3563"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3563",
"datePublished": "2022-08-26T15:25:41.000Z",
"dateReserved": "2021-05-21T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:28:24.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38155 (GCVE-0-2021-38155)
Vulnerability from nvd – Published: 2021-08-06 00:00 – Updated: 2024-08-04 01:37
VLAI?
Summary
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, any unauthenticated actor could both confirm the account exists and obtain that account's corresponding UUID, which might be leveraged for other unrelated attacks. All deployments enabling security_compliance.lockout_failure_attempts are affected.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:37:16.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://launchpad.net/bugs/1688137"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2021-003.html"
},
{
"name": "[oss-security] 20210810 [OSSA-2021-003] Keystone: Account name and UUID oracles in account locking (CVE-2021-38155)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/5"
},
{
"name": "[debian-lts-announce] 20240121 [SECURITY] [DLA 3714-1] keystone security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, any unauthenticated actor could both confirm the account exists and obtain that account\u0027s corresponding UUID, which might be leveraged for other unrelated attacks. All deployments enabling security_compliance.lockout_failure_attempts are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-21T23:06:26.719990",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://launchpad.net/bugs/1688137"
},
{
"url": "https://security.openstack.org/ossa/OSSA-2021-003.html"
},
{
"name": "[oss-security] 20210810 [OSSA-2021-003] Keystone: Account name and UUID oracles in account locking (CVE-2021-38155)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/5"
},
{
"name": "[debian-lts-announce] 20240121 [SECURITY] [DLA 3714-1] keystone security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38155",
"datePublished": "2021-08-06T00:00:00",
"dateReserved": "2021-08-06T00:00:00",
"dateUpdated": "2024-08-04T01:37:16.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12689 (GCVE-0-2020-12689)
Vulnerability from nvd – Published: 2020-05-06 23:43 – Updated: 2024-08-04 12:04
VLAI?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872735"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4480-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-02T15:06:18",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872735"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4480-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.openstack.org/ossa/OSSA-2020-004.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"name": "https://bugs.launchpad.net/keystone/+bug/1872735",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/keystone/+bug/1872735"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/05/06/5",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4480-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12689",
"datePublished": "2020-05-06T23:43:20",
"dateReserved": "2020-05-06T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12690 (GCVE-0-2020-12690)
Vulnerability from nvd – Published: 2020-05-06 23:43 – Updated: 2024-08-04 12:04
VLAI?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-005.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1873290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/6"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-005] Keystone: OAuth1 request token authorize silently ignores roles parameter (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/3"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-13T04:06:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-005.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1873290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/6"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-005] Keystone: OAuth1 request token authorize silently ignores roles parameter (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/3"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12690",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.openstack.org/ossa/OSSA-2020-005.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2020-005.html"
},
{
"name": "https://bugs.launchpad.net/keystone/+bug/1873290",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/keystone/+bug/1873290"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/05/06/6",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/6"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-005] Keystone: OAuth1 request token authorize silently ignores roles parameter (CVE PENDING)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/3"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa@%3Ccommits.druid.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12690",
"datePublished": "2020-05-06T23:43:10",
"dateReserved": "2020-05-06T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12691 (GCVE-0-2020-12691)
Vulnerability from nvd – Published: 2020-05-06 23:43 – Updated: 2024-08-04 12:04
VLAI?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872733"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-13T04:06:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872733"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.openstack.org/ossa/OSSA-2020-004.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/05/06/5",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"name": "https://bugs.launchpad.net/keystone/+bug/1872733",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/keystone/+bug/1872733"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-004] Keystone: Keystone credential endpoints allow owner modification and are not protected from a scoped context (CVE PENDING)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E"
},
{
"name": "USN-4480-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"name": "[druid-commits] 20210712 [druid] branch master updated: Suppress CVE-2021-27568 from json-smart 2.3 dependency (#11438)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa@%3Ccommits.druid.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12691",
"datePublished": "2020-05-06T23:43:01",
"dateReserved": "2020-05-06T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12692 (GCVE-0-2020-12692)
Vulnerability from nvd – Published: 2020-05-06 23:42 – Updated: 2024-08-04 12:04
VLAI?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-003.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872737"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/4"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-003] Keystone: Keystone does not check signature TTL of the EC2 credential auth method (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/1"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4480-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn\u0027t have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-02T15:06:19",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-003.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872737"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/4"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-003] Keystone: Keystone does not check signature TTL of the EC2 credential auth method (CVE PENDING)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/1"
},
{
"name": "USN-4480-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4480-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12692",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn\u0027t have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.openstack.org/ossa/OSSA-2020-003.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2020-003.html"
},
{
"name": "https://bugs.launchpad.net/keystone/+bug/1872737",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/keystone/+bug/1872737"
},
{
"name": "https://www.openwall.com/lists/oss-security/2020/05/06/4",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/4"
},
{
"name": "[oss-security] 20200507 Re: [OSSA-2020-003] Keystone: Keystone does not check signature TTL of the EC2 credential auth method (CVE PENDING)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/1"
},
{
"name": "USN-4480-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4480-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12692",
"datePublished": "2020-05-06T23:42:42",
"dateReserved": "2020-05-06T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19687 (GCVE-0-2019-19687)
Vulnerability from nvd – Published: 2019-12-09 17:14 – Updated: 2024-08-05 02:25
VLAI?
Summary
OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users' credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.)
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1855080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://review.opendev.org/#/c/697355/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://review.opendev.org/#/c/697611/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://review.opendev.org/#/c/697731/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.openstack.org/ossa/OSSA-2019-006.html"
},
{
"name": "[oss-security] 20191211 [OSSA-2019-006] Keystone: Credentials API allows listing and retrieving of all users credentials (CVE-2019-19687)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/11/8"
},
{
"name": "RHSA-2019:4358",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4358"
},
{
"name": "USN-4262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4262-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users\u0027 credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-31T13:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1855080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://review.opendev.org/#/c/697355/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://review.opendev.org/#/c/697611/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://review.opendev.org/#/c/697731/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.openstack.org/ossa/OSSA-2019-006.html"
},
{
"name": "[oss-security] 20191211 [OSSA-2019-006] Keystone: Credentials API allows listing and retrieving of all users credentials (CVE-2019-19687)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/11/8"
},
{
"name": "RHSA-2019:4358",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4358"
},
{
"name": "USN-4262-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4262-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19687",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users\u0027 credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/keystone/+bug/1855080",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/keystone/+bug/1855080"
},
{
"name": "https://review.opendev.org/#/c/697355/",
"refsource": "MISC",
"url": "https://review.opendev.org/#/c/697355/"
},
{
"name": "https://review.opendev.org/#/c/697611/",
"refsource": "MISC",
"url": "https://review.opendev.org/#/c/697611/"
},
{
"name": "https://review.opendev.org/#/c/697731/",
"refsource": "MISC",
"url": "https://review.opendev.org/#/c/697731/"
},
{
"name": "https://security.openstack.org/ossa/OSSA-2019-006.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2019-006.html"
},
{
"name": "[oss-security] 20191211 [OSSA-2019-006] Keystone: Credentials API allows listing and retrieving of all users credentials (CVE-2019-19687)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/12/11/8"
},
{
"name": "RHSA-2019:4358",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:4358"
},
{
"name": "USN-4262-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4262-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19687",
"datePublished": "2019-12-09T17:14:14",
"dateReserved": "2019-12-09T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1572 (GCVE-0-2012-1572)
Vulnerability from nvd – Published: 2019-11-12 16:48 – Updated: 2024-08-06 19:01
VLAI?
Summary
OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space
Severity ?
No CVSS data available.
CWE
- extremely long passwords can crash Keystone
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:02.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1572"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Keystone",
"vendor": "keystone",
"versions": [
{
"status": "affected",
"version": "2014.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "extremely long passwords can crash Keystone",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T16:48:15",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1572"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1572",
"datePublished": "2019-11-12T16:48:15",
"dateReserved": "2012-03-12T00:00:00",
"dateUpdated": "2024-08-06T19:01:02.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2022-2447
Vulnerability from fkie_nvd - Published: 2022-09-01 21:15 - Updated: 2024-11-21 07:01
Severity ?
Summary
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2022-2447 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2105419 | Exploit, Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2022-2447 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2105419 | Exploit, Issue Tracking, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:keystone:-:*:*:*:*:*:*:*",
"matchCriteriaId": "568B4FBB-D454-47AA-83BC-D625114FEF49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openstack:16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D3F4FF-AD3D-4D17-93E8-84CAFCED2F59",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:redhat:openstack:16.2:-:*:*:*:*:*:*",
"matchCriteriaId": "FFE398FE-EE7C-4B64-ABB6-24697E047C85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1987BDA-0113-4603-B9BE-76647EB043F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "379A5883-F6DF-41F5-9403-8D17F6605737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo en Keystone. Hay un desfase (de hasta una hora en una configuraci\u00f3n por defecto) entre el momento en que la pol\u00edtica de seguridad dice que un token debe ser revocado y el momento en que realmente lo es. Esto podr\u00eda permitir a un administrador remoto mantener secretamente el acceso durante m\u00e1s tiempo del esperado"
}
],
"id": "CVE-2022-2447",
"lastModified": "2024-11-21T07:01:00.543",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-01T21:15:09.547",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2022-2447"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2022-2447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105419"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-324"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-672"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3563
Vulnerability from fkie_nvd - Published: 2022-08-26 16:15 - Updated: 2024-11-21 06:21
Severity ?
Summary
A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openstack | keystone | * | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| redhat | openstack_platform | 10.0 | |
| redhat | openstack_platform | 13.0 | |
| redhat | openstack_platform | 16.1 | |
| redhat | openstack_platform | 16.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C97C834-563B-4D40-A01A-FD02975F5372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openstack_platform:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "542B31BD-5767-4B33-9201-40548D1223B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C52600BF-9E87-4CD2-91F3-685AFE478C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo en openstack-keystone. S\u00f3lo son verificados los primeros 72 caracteres del secreto de una aplicaci\u00f3n, lo que permite a atacantes omitir determinada complejidad de las contrase\u00f1as con la que pueden contar los administradores. La mayor amenaza de esta vulnerabilidad es la confidencialidad e integridad de los datos."
}
],
"id": "CVE-2021-3563",
"lastModified": "2024-11-21T06:21:51.270",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-26T16:15:08.867",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3563"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugs.launchpad.net/ossa/+bug/1901891"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962908"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugs.launchpad.net/ossa/+bug/1901891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3563"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-38155
Vulnerability from fkie_nvd - Published: 2021-08-06 21:15 - Updated: 2024-11-21 06:16
Severity ?
Summary
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, any unauthenticated actor could both confirm the account exists and obtain that account's corresponding UUID, which might be leveraged for other unrelated attacks. All deployments enabling security_compliance.lockout_failure_attempts are affected.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2021/08/10/5 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://launchpad.net/bugs/1688137 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html | ||
| cve@mitre.org | https://security.openstack.org/ossa/OSSA-2021-003.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/08/10/5 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.net/bugs/1688137 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.openstack.org/ossa/OSSA-2021-003.html | Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EC21DE-CE8B-4F59-A3D4-0A6F50CC94C3",
"versionEndExcluding": "16.0.2",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBD90FD4-F74A-4B50-984B-88AC5053C72D",
"versionEndExcluding": "17.0.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB12E55-F484-49F2-BFBF-6BA81D8645C6",
"versionEndExcluding": "18.0.1",
"versionStartIncluding": "18.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E814845D-8600-4214-A9E4-7C8A330CC144",
"versionEndExcluding": "19.0.1",
"versionStartIncluding": "19.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, any unauthenticated actor could both confirm the account exists and obtain that account\u0027s corresponding UUID, which might be leveraged for other unrelated attacks. All deployments enabling security_compliance.lockout_failure_attempts are affected."
},
{
"lang": "es",
"value": "OpenStack Keystone versiones 10.x hasta 16.x anteriores a 16.0.2, versiones 17.x anteriores a 17.0.1, versiones 18.x anteriores a 18.0.1 y versiones 19.x anteriores a 19.0.1, permite una divulgaci\u00f3n de informaci\u00f3n durante el bloqueo de cuentas (relacionado con las caracter\u00edsticas de PCI DSS). Al adivinar el nombre de una cuenta y fallando en la autenticaci\u00f3n m\u00faltiples veces, cualquier actor no autenticado podr\u00eda tanto confirmar que la cuenta se presenta y obtener el UUID correspondiente de esa cuenta, que podr\u00eda ser aprovechado para otros ataques no relacionados. Todas las implantaciones que permiten security_compliance.lockout_failure_attempts est\u00e1n afectadas"
}
],
"id": "CVE-2021-38155",
"lastModified": "2024-11-21T06:16:30.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-06T21:15:06.687",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/5"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://launchpad.net/bugs/1688137"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2021-003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/08/10/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://launchpad.net/bugs/1688137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2021-003.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-12692
Vulnerability from fkie_nvd - Published: 2020-05-07 00:15 - Updated: 2024-11-21 05:00
Severity ?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2020/05/07/1 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://bugs.launchpad.net/keystone/+bug/1872737 | Third Party Advisory | |
| cve@mitre.org | https://security.openstack.org/ossa/OSSA-2020-003.html | Vendor Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/4480-1/ | Third Party Advisory | |
| cve@mitre.org | https://www.openwall.com/lists/oss-security/2020/05/06/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2020/05/07/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/keystone/+bug/1872737 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.openstack.org/ossa/OSSA-2020-003.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4480-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2020/05/06/4 | Mailing List, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04CBF40B-EE82-4FB1-8B57-502419051BA9",
"versionEndExcluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:16.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71945B91-B12D-4EF4-AE03-91592D434125",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn\u0027t have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en OpenStack Keystone versiones anteriores a 15.0.1 y 16.0.0. La API EC2 no presenta una comprobaci\u00f3n TTL de firma para AWS Signature V4. Un atacante puede rastrear el encabezado Authorization y luego usarlo para volver a emitir un token de OpenStack un n\u00famero ilimitado de veces."
}
],
"id": "CVE-2020-12692",
"lastModified": "2024-11-21T05:00:05.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-07T00:15:10.987",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872737"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/4"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
},
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-12691
Vulnerability from fkie_nvd - Published: 2020-05-07 00:15 - Updated: 2024-11-21 05:00
Severity ?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04CBF40B-EE82-4FB1-8B57-502419051BA9",
"versionEndExcluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:16.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71945B91-B12D-4EF4-AE03-91592D434125",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en OpenStack Keystone versiones anteriores a 15.0.1 y 16.0.0. Cualquier usuario autenticado puede crear una credencial EC2 para s\u00ed mismo para un proyecto en el que posee un rol espec\u00edfico, y luego llevar a cabo una actualizaci\u00f3n para el usuario y el proyecto de la credencial, permiti\u00e9ndole hacerse pasar por otro usuario. Esto permite potencialmente a un usuario malicioso actuar como el administrador en un proyecto en el que otro usuario presenta la funci\u00f3n de administrador, que puede otorgarle efectivamente a ese usuario privilegios de administrador global."
}
],
"id": "CVE-2020-12691",
"lastModified": "2024-11-21T05:00:04.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-07T00:15:10.957",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872733"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-12690
Vulnerability from fkie_nvd - Published: 2020-05-07 00:15 - Updated: 2024-11-21 05:00
Severity ?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04CBF40B-EE82-4FB1-8B57-502419051BA9",
"versionEndExcluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:16.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71945B91-B12D-4EF4-AE03-91592D434125",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en OpenStack Keystone versiones anteriores a 15.0.1 y 16.0.0. La lista de roles proporcionados para un token de acceso OAuth1 es ignorada silenciosamente. Por lo tanto, cuando es usado un token de acceso para solicitar un token de keystone, el token de keystone contiene todas las asignaciones de roles que el creador ten\u00eda para el proyecto. Esto resulta en que el token de keystone proporcionado tenga m\u00e1s asignaciones de roles que las previstas por el creador, posiblemente otorgando un acceso escalado no deseado."
}
],
"id": "CVE-2020-12690",
"lastModified": "2024-11-21T05:00:04.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-07T00:15:10.923",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1873290"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-005.html"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1873290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/6"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-613"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-12689
Vulnerability from fkie_nvd - Published: 2020-05-07 00:15 - Updated: 2024-11-21 05:00
Severity ?
Summary
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04CBF40B-EE82-4FB1-8B57-502419051BA9",
"versionEndExcluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:16.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71945B91-B12D-4EF4-AE03-91592D434125",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en OpenStack Keystone en versiones anteriores a la 15.0.1 y 16.0.0. Cualquier usuario autenticado dentro de un alcance limitado (credencial de confianza/autorizaci\u00f3n/aplicaci\u00f3n) puede crear una credencial EC2 con un permiso escalado, como obtener administrador mientras el usuario tiene un rol de visor limitado. Potencialmente, esto permite que un usuario malintencionado act\u00fae como administrador en un proyecto en el que otro usuario tiene la funci\u00f3n de administrador, lo que efectivamente puede otorgarle a ese usuario privilegios de administrador global."
}
],
"id": "CVE-2020-12689",
"lastModified": "2024-11-21T05:00:04.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-07T00:15:10.877",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872735"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/05/07/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1872735"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2020-004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4480-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2020/05/06/5"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-19687
Vulnerability from fkie_nvd - Published: 2019-12-09 18:15 - Updated: 2024-11-21 04:35
Severity ?
Summary
OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users' credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.)
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:keystone:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD05D79-A4D5-46A7-9F88-DF945A2B26A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:16.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71945B91-B12D-4EF4-AE03-91592D434125",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users\u0027 credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentials API once this issue is fixed.)"
},
{
"lang": "es",
"value": "OpenStack Keystone versiones 15.0.0 y 16.0.0, est\u00e1 afectado por un Filtrado de Datos en la API de credenciales de lista. Cualquier usuario con un rol en un proyecto es capaz de enumerar cualquier credencial con la API de /v3/credentials cuando la funci\u00f3n enforce_scope es falsa. Los usuarios con un rol en un proyecto pueden visualizar las credenciales de cualquier otro usuario, lo que podr\u00eda (por ejemplo) filtrar informaci\u00f3n de inicio de sesi\u00f3n de Time-based One Time Passwords (TOTP). Las implementaciones con la funci\u00f3n enforce_scope establecida en false est\u00e1n afectadas. (Habr\u00e1 un ligero impacto en el rendimiento de la API de credenciales de lista una vez que este problema sea corregido)."
}
],
"id": "CVE-2019-19687",
"lastModified": "2024-11-21T04:35:11.607",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-09T18:15:09.827",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/11/8"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:4358"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1855080"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://review.opendev.org/#/c/697355/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://review.opendev.org/#/c/697611/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://review.opendev.org/#/c/697731/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2019-006.html"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4262-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/12/11/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:4358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/keystone/+bug/1855080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://review.opendev.org/#/c/697355/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://review.opendev.org/#/c/697611/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://review.opendev.org/#/c/697731/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.openstack.org/ossa/OSSA-2019-006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4262-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-1572
Vulnerability from fkie_nvd - Published: 2019-11-12 17:15 - Updated: 2024-11-21 01:37
Severity ?
Summary
OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2012-1572 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2012-1572 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openstack | keystone | - | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:keystone:-:*:*:*:*:*:*:*",
"matchCriteriaId": "568B4FBB-D454-47AA-83BC-D625114FEF49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space"
},
{
"lang": "es",
"value": "OpenStack Keystone: las contrase\u00f1as extremadamente largas pueden bloquear a Keystone mediante el agotamiento del espacio de la pila."
}
],
"id": "CVE-2012-1572",
"lastModified": "2024-11-21T01:37:14.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-12T17:15:10.033",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1572"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-2255
Vulnerability from fkie_nvd - Published: 2019-11-01 19:15 - Updated: 2024-11-21 01:51
Severity ?
Summary
HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openstack | compute | 2013.1 | |
| openstack | keystone | 2013 | |
| redhat | openstack | 3.0 | |
| redhat | openstack | 4.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:compute:2013.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6DE1DE9A-0D08-448B-AF80-7ACA236F2A83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openstack:keystone:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "F9DCDA4F-C2CA-4BB6-88B1-8FA4F2D8D0C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6533B15B-F748-4A5D-AB86-31D38DFAE60F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1802FDB8-C919-4D5E-A8AD-4C5B72525090",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates."
},
{
"lang": "es",
"value": "HTTPSConnections en OpenStack Keystone versi\u00f3n 2013, OpenStack Compute versi\u00f3n 2013.1 y posiblemente otros componentes de OpenStack, no pueden comprobar los certificados SSL del lado del servidor."
}
],
"id": "CVE-2013-2255",
"lastModified": "2024-11-21T01:51:20.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-01T19:15:10.963",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2013-2255"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/ossn/+bug/1188189"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2255"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-2255"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85562"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-2255"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2013-2255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/ossn/+bug/1188189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-2255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-2255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61118"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}