CVE-2012-5571 - OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens when the u

CVE-2012-5571

Summary

OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role.

References

Vulnerable Configurations

cpe:2.3:a:openstack:essex:2012.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:essex:2012.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:folsom:2012.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:folsom:2012.2:*:*:*:*:*:*:*

CVSS

Base:	3.5 (as of 29-08-2017 - 01:32)
Impact:
Exploitability:

CWE

CWE-255

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:S/C:N/I:P/A:N

redhat via4

advisories

rhsa
id RHSA-2012:1556
rhsa
id RHSA-2012:1557

rpms

openstack-keystone-0:2012.1.3-3.el6
openstack-keystone-doc-0:2012.1.3-3.el6
python-keystone-0:2012.1.3-3.el6
python-keystone-auth-token-0:2012.1.3-3.el6
openstack-keystone-0:2012.2.1-1.el6ost
openstack-keystone-doc-0:2012.2.1-1.el6ost
python-keystone-0:2012.2.1-1.el6ost

refmap via4

bid	56726
confirm	https://bugs.launchpad.net/keystone/+bug/1064914 https://github.com/openstack/keystone/commit/37308dd4f3e33f7bd0f71d83fd51734d1870713b https://github.com/openstack/keystone/commit/8735009dc5b895db265a1cd573f39f4acfca2a19 https://github.com/openstack/keystone/commit/9d68b40cb9ea818c48152e6c712ff41586ad9653
fedora	FEDORA-2012-19341
mlist	[oss-security] 20121128 [OSSA 2012-018] EC2-style credentials invalidation issue (CVE-2012-5571) [oss-security] 20121128 [OSSA 2012-019] Extension of token validity through token chaining (CVE-2012-5563)
secunia	51423 51436
ubuntu	USN-1641-1
xf	keystone-tenant-sec-bypass(80333)

Last major update

29-08-2017 - 01:32

Published

18-12-2012 - 01:55

Last modified

29-08-2017 - 01:32