CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2020-12691 – openstack-keystone: Credentials endpoint policy logic allows changing credential owner and target project ID
https://notcve.org/view.php?id=CVE-2020-12691
06 May 2020 — An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges. Se detectó un problema en OpenStack Keyst... • http://www.openwall.com/lists/oss-security/2020/05/07/2 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-12692 – openstack-keystone: failure to check signature TTL of the EC2 credential auth method
https://notcve.org/view.php?id=CVE-2020-12692
06 May 2020 — An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times. Se detectó un problema en OpenStack Keystone versiones anteriores a 15.0.1 y 16.0.0. La API EC2 no presenta una comprobación TTL de firma para AWS Signature V4. • http://www.openwall.com/lists/oss-security/2020/05/07/1 • CWE-294: Authentication Bypass by Capture-replay CWE-347: Improper Verification of Cryptographic Signature CWE-863: Incorrect Authorization •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 1CVE-2020-9543 – openstack-manila: User with share-network UUID is able to show, create and delete shares
https://notcve.org/view.php?id=CVE-2020-9543
12 Mar 2020 — OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks. OpenStack Manila versiones anteriores a 7.4.1, versiones posteriores a 8.0.0 incluyéndola y anteriores a 8.1.1, y versiones posteriores a 9.0.0 incluyéndola y anteriores a 9.1.1, permite a atacantes visualizar... • http://www.openwall.com/lists/oss-security/2020/03/12/1 • CWE-276: Incorrect Default Permissions CWE-284: Improper Access Control •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-9543 – Ubuntu Security Notice USN-5866-1
https://notcve.org/view.php?id=CVE-2015-9543
19 Feb 2020 — An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py. • http://www.openwall.com/lists/oss-security/2020/02/19/2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2012-5474
https://notcve.org/view.php?id=CVE-2012-5474
30 Dec 2019 — The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value. El archivo /etc/openstack-dashboard/local_settings dentro de Red Hat OpenStack Platform versión 2.0 y RHOS Essex Release (paquete python-django-horizon versiones anteriores a la versión 2012.1.1) es de tipo world readable y expone el valor de la clave secreta. • http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092841.html • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-5476
https://notcve.org/view.php?id=CVE-2012-5476
30 Dec 2019 — Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value. En RHOS Essex Preview (versión 2012.2) del paquete del panel de control de OpenStack, el archivo /etc/quantum/quantum.conf es de tipo world readable y expone la contraseña de administrador y el valor del token. • https://access.redhat.com/security/cve/cve-2012-5476 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-19687 – openstack-keystone: Credentials API allows non-admin to list and retrieve all users credentials
https://notcve.org/view.php?id=CVE-2019-19687
09 Dec 2019 — OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforce_scope is false. Users with a role on a project are able to view any other users' credentials, which could (for example) leak sign-on information for Time-based One Time Passwords (TOTP). Deployments with enforce_scope set to false are affected. (There will be a slight performance impact for the list credentia... • http://www.openwall.com/lists/oss-security/2019/12/11/8 • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-0326
https://notcve.org/view.php?id=CVE-2013-0326
05 Dec 2019 — OpenStack nova base images permissions are world readable Los permisos de imágenes base de OpenStack nova son de tipo world readable. • https://access.redhat.com/security/cve/cve-2013-0326 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 2CVE-2011-4076
https://notcve.org/view.php?id=CVE-2011-4076
26 Nov 2019 — OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2_SECRET_KEY. An attacker could also presumably brute force values for EC2_ACCESS_KEY. OpenStack Nova versiones anteriores a 2012.1, permite a alguien con acceso a una EC2_ACCESS_KEY (equivalente a un nombre de usuario... • https://access.redhat.com/security/cve/cve-2011-4076 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2015-5694
https://notcve.org/view.php?id=CVE-2015-5694
22 Nov 2019 — Designate does not enforce the DNS protocol limit concerning record set sizes Designate no aplica el límite del protocolo DNS con respecto a los tamaños del conjunto de registros. • http://www.openwall.com/lists/oss-security/2015/07/28/11 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •