2 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers, which allows remote authenticated users to bypass intended access restrictions and gain access to cloud resources by manipulating byte fields within a revoked token. El servicio de identificación en OpenStack Identity (Keystone) en versiones anteriores a 2015.1.3 (Kilo) y 8.0.x en versiones anteriores a 8.0.2 (Liberty) y keystonemiddleware (anteriormente python-keystoneclient) en versiones anteriores a 1.5.4 (Kilo) y Liberty en versiones anteriores a 2.3.3 no invalida correctamente los tokens de autorización cuando utiliza los proveedores de token PKI o PKIZ, lo que permite a usuarios remotos autenticados eludir las restricciones de acceso previstas y obtener acceso a recursos de la nube manipulando los campos byte dentro de un token revocado. • http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/80498 https://bugs.launchpad.net/keystone/+bug/1490804 https://security.openstack.org/ossa/OSSA-2016-005.html https://wiki.openstack.org/wiki/OSSN/OSSN-0062 • CWE-522: Insufficiently Protected Credentials •

CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0

The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144. El middleware s3_token en OpenStack keystonemiddleware anterior a 1.6.0 y python-keystoneclient anterior a 1.4.0 deshabilita la verificación de certificados cuando la opción 'inseguro' esté configurada en un fichero de configuración paste (paste.ini) independientemente de su valor, lo que permite a atacantes remotos realizar ataques man-in-the-middle a través de un certificado manipulado, una vulnerabilidad diferente a CVE-2014-7144. It was discovered that some items in the S3Token paste configuration as used by python-keystonemiddleware (formerly python-keystoneclient) were incorrectly evaluated as strings, an issue similar to CVE-2014-7144. If the "insecure" option were set to "false", the option would be evaluated as true, resulting in TLS connections being vulnerable to man-in-the-middle attacks. Note: the "insecure" option defaults to false, so setups that do not specifically define "insecure=false" are not affected. • http://lists.openstack.org/pipermail/openstack-announce/2015-April/000350.html http://rhn.redhat.com/errata/RHSA-2015-1677.html http://rhn.redhat.com/errata/RHSA-2015-1685.html http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html http://www.securityfocus.com/bid/74187 http://www.ubuntu.com/usn/USN-2705-1 https://bugs.launchpad.net/keystonemiddleware/+bug/1411063 https://access.redhat.com/security/cve/CVE-2015-1852 https://bugzilla.redhat.com/show_bug.cg • CWE-17: DEPRECATED: Code CWE-295: Improper Certificate Validation •