CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0CVE-2014-5252 – openstack-keystone: token expiration date stored incorrectly
https://notcve.org/view.php?id=CVE-2014-5252
The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issued_at value for UUID v2 tokens, which allows remote authenticated users to bypass the token expiration and retain access via a verification (1) GET or (2) HEAD request to v3/auth/tokens/. La API V3 en OpenStack Identity (Keystone) 2014.1.x anterior a 2014.1.2.1 y Juno anterior a Juno-3 actualiza el valor issued_at para los tokens UUID v2, loque permite a usuarios remotos autenticados evadir la caducidad de tokens y conservar el acceso a través de una solicitud (1) GET o (2) HEAD de verificación en v3/auth/tokens/. A flaw was found in keystone revocation events that resulted in the "issued_at" time being updated when a token created by the V2 API was processed by the V3 API. This could allow a user to evade token revocation. Only OpenStack Identity setups configured to make use of revocation events and UUID tokens were affected. • http://rhn.redhat.com/errata/RHSA-2014-1121.html http://rhn.redhat.com/errata/RHSA-2014-1122.html http://www.openwall.com/lists/oss-security/2014/08/15/6 http://www.ubuntu.com/usn/USN-2324-1 https://bugs.launchpad.net/keystone/+bug/1348820 https://access.redhat.com/security/cve/CVE-2014-5252 https://bugzilla.redhat.com/show_bug.cgi?id=1127250 • CWE-255: Credentials Management Errors CWE-613: Insufficient Session Expiration •
CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0CVE-2014-5253 – openstack-keystone: domain-scoped tokens don't get revoked
https://notcve.org/view.php?id=CVE-2014-5253
OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not properly revoke tokens when a domain is invalidated, which allows remote authenticated users to retain access via a domain-scoped token for that domain. OpenStack Identity (Keystone) 2014.1.x anterior a 2014.1.2.1 y Juno anterior a Juno-3 no revoca debidamente los tokens cuando un dominio está invalidado, lo que permite a usuarios remotos autenticados conservar el acceso a través de un token 'domain-scoped' para este dominio. It was discovered that domain-scoped tokens were not revoked when a domain was disabled. Only OpenStack Identity setups configured to make use of revocation events were affected. • http://rhn.redhat.com/errata/RHSA-2014-1121.html http://rhn.redhat.com/errata/RHSA-2014-1122.html http://www.openwall.com/lists/oss-security/2014/08/15/6 http://www.ubuntu.com/usn/USN-2324-1 https://bugs.launchpad.net/keystone/+bug/1349597 https://access.redhat.com/security/cve/CVE-2014-5253 https://bugzilla.redhat.com/show_bug.cgi?id=1127253 • CWE-255: Credentials Management Errors CWE-613: Insufficient Session Expiration •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2014-3520 – openstack-keystone: Keystone V2 trusts privilege escalation through user supplied project id
https://notcve.org/view.php?id=CVE-2014-3520
OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request. OpenStack Identity (Keystone) anterior a 2013.2.4, 2014.x anterior a 2014.1.2, y Juno anterior a Juno-2 permite a usuarios remotos autenticados en quien se confía ganar acceso a un proyecto no autorizado para el cual el elemento que establece la confianza tiene ciertos roles a través del identificador del proyecto en una solicitud de token de confianza de la API V2. A flaw was found in the way keystone handled trusts. A trustee could use an out-of-scope project ID to gain unauthorized access to a project if the trustor had the required roles for that requested project. • http://lists.openstack.org/pipermail/openstack-announce/2014-July/000248.html http://secunia.com/advisories/59426 https://bugs.launchpad.net/keystone/+bug/1331912 https://access.redhat.com/security/cve/CVE-2014-3520 https://bugzilla.redhat.com/show_bug.cgi?id=1112668 • CWE-863: Incorrect Authorization •
CVSS: 6.0EPSS: 0%CPEs: 3EXPL: 1CVE-2014-3476 – openstack-keystone: privilege escalation through trust chained delegation
https://notcve.org/view.php?id=CVE-2014-3476
OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a (1) trust or (2) OAuth token with impersonation enabled to create a new token with additional roles. OpenStack Identity (Keystone) anterior a 2013.2.4, 2014.1 anterior a 2014.1.2, y Juno anterior a Juno-2 no maneja debidamente la delegación encadenada, lo que permite a usuarios remotos autenticados ganar privilegios mediante el aprovechamiento de un token (1) trust o (2) OAuth con suplantación habilitada para crear un token nuevo con roles adicionales. A flaw was found in keystone's chained delegation. A trustee able to create a delegation from a trust or an OAuth token could misuse identity impersonation to bypass the enforced scope, possibly allowing them to obtain elevated privileges to the trustor's projects and roles. • http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00031.html http://secunia.com/advisories/57886 http://secunia.com/advisories/59547 http://www.openwall.com/lists/oss-security/2014/06/12/3 http://www.securityfocus.com/bid/68026 https://bugs.launchpad.net/keystone/+bug/1324592 https://access.redhat.com/security/cve/CVE-2014-3476 https://bugzilla.redhat.com/show_bug.cgi?id=1104524 • CWE-269: Improper Privilege Management •