cnvd - cnvd-2020-13180

CNVD-2020-13180

Vulnerability from cnvd - Published: 2020-02-25

Title

OpenStack Nova令牌泄露漏洞

Description

OpenStack是一个云平台管理项目。OpenStack Nova是其中的一个云计算结构控制器。 OpenStack Nova 18.2.4之前版本、19.1.0之前的19.x版本和20.1.0之前的20.x版本中存在安全漏洞，该漏洞源于程序将consoleauth令牌放在日志文件中。攻击者可利用该漏洞获取用控制台访问令牌。

Severity

中

Patch Name

OpenStack Nova令牌泄露漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://security.openstack.org/ossa/OSSA-2020-001.html

Reference

https://nvd.nist.gov/vuln/detail/CVE-2015-9543

Impacted products

Name
['OpenStack Nova <18.2.4', 'OpenStack Nova 19.，<19.1.0', 'OpenStack Nova 20.，<20.1.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-9543",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9543"
    }
  },
  "description": "OpenStack\u662f\u4e00\u4e2a\u4e91\u5e73\u53f0\u7ba1\u7406\u9879\u76ee\u3002OpenStack Nova\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u4e91\u8ba1\u7b97\u7ed3\u6784\u63a7\u5236\u5668\u3002\n\nOpenStack Nova 18.2.4\u4e4b\u524d\u7248\u672c\u300119.1.0\u4e4b\u524d\u768419.x\u7248\u672c\u548c20.1.0\u4e4b\u524d\u768420.x\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5c06consoleauth\u4ee4\u724c\u653e\u5728\u65e5\u5fd7\u6587\u4ef6\u4e2d\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7528\u63a7\u5236\u53f0\u8bbf\u95ee\u4ee4\u724c\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://security.openstack.org/ossa/OSSA-2020-001.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-13180",
  "openTime": "2020-02-25",
  "patchDescription": "OpenStack\u662f\u4e00\u4e2a\u4e91\u5e73\u53f0\u7ba1\u7406\u9879\u76ee\u3002OpenStack Nova\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u4e91\u8ba1\u7b97\u7ed3\u6784\u63a7\u5236\u5668\u3002\r\n\r\nOpenStack Nova 18.2.4\u4e4b\u524d\u7248\u672c\u300119.1.0\u4e4b\u524d\u768419.x\u7248\u672c\u548c20.1.0\u4e4b\u524d\u768420.x\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5c06consoleauth\u4ee4\u724c\u653e\u5728\u65e5\u5fd7\u6587\u4ef6\u4e2d\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7528\u63a7\u5236\u53f0\u8bbf\u95ee\u4ee4\u724c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "OpenStack Nova\u4ee4\u724c\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "OpenStack Nova \u003c18.2.4",
      "OpenStack Nova 19.*\uff0c\u003c19.1.0",
      "OpenStack Nova 20.*\uff0c\u003c20.1.0"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2015-9543",
  "serverity": "\u4e2d",
  "submitTime": "2020-02-19",
  "title": "OpenStack Nova\u4ee4\u724c\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2015-9543 (GCVE-0-2015-9543)

Vulnerability from cvelistv5 – Published: 2020-02-19 02:11 – Updated: 2024-08-06 08:51

Summary

An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://launchpad.net/bugs/1492140	x_refsource_MISC
	https://review.opendev.org/220622	x_refsource_MISC
	https://security.openstack.org/ossa/OSSA-2020-001.html	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2020/02/19/2	mailing-listx_refsource_MLIST

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:51:05.311Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://launchpad.net/bugs/1492140"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://review.opendev.org/220622"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.openstack.org/ossa/OSSA-2020-001.html"
          },
          {
            "name": "[oss-security] 20200219 [OSSA-2020-001] Nova can leak consoleauth token into log files (CVE-2015-9543)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/02/19/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service\u0027s logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-19T18:06:04",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://launchpad.net/bugs/1492140"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://review.opendev.org/220622"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.openstack.org/ossa/OSSA-2020-001.html"
        },
        {
          "name": "[oss-security] 20200219 [OSSA-2020-001] Nova can leak consoleauth token into log files (CVE-2015-9543)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/02/19/2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-9543",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service\u0027s logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://launchpad.net/bugs/1492140",
              "refsource": "MISC",
              "url": "https://launchpad.net/bugs/1492140"
            },
            {
              "name": "https://review.opendev.org/220622",
              "refsource": "MISC",
              "url": "https://review.opendev.org/220622"
            },
            {
              "name": "https://security.openstack.org/ossa/OSSA-2020-001.html",
              "refsource": "CONFIRM",
              "url": "https://security.openstack.org/ossa/OSSA-2020-001.html"
            },
            {
              "name": "[oss-security] 20200219 [OSSA-2020-001] Nova can leak consoleauth token into log files (CVE-2015-9543)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/02/19/2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-9543",
    "datePublished": "2020-02-19T02:11:06",
    "dateReserved": "2020-02-19T00:00:00",
    "dateUpdated": "2024-08-06T08:51:05.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-13180

CVE-2015-9543 (GCVE-0-2015-9543)

Tags

Sightings

Nomenclature