CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2015-7546
https://notcve.org/view.php?id=CVE-2015-7546
The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers, which allows remote authenticated users to bypass intended access restrictions and gain access to cloud resources by manipulating byte fields within a revoked token. El servicio de identificación en OpenStack Identity (Keystone) en versiones anteriores a 2015.1.3 (Kilo) y 8.0.x en versiones anteriores a 8.0.2 (Liberty) y keystonemiddleware (anteriormente python-keystoneclient) en versiones anteriores a 1.5.4 (Kilo) y Liberty en versiones anteriores a 2.3.3 no invalida correctamente los tokens de autorización cuando utiliza los proveedores de token PKI o PKIZ, lo que permite a usuarios remotos autenticados eludir las restricciones de acceso previstas y obtener acceso a recursos de la nube manipulando los campos byte dentro de un token revocado. • http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/80498 https://bugs.launchpad.net/keystone/+bug/1490804 https://security.openstack.org/ossa/OSSA-2016-005.html https://wiki.openstack.org/wiki/OSSN/OSSN-0062 • CWE-522: Insufficiently Protected Credentials •
CVSS: 4.0EPSS: 0%CPEs: 7EXPL: 1CVE-2014-3621 – openstack-keystone: configuration data information leak through Keystone catalog
https://notcve.org/view.php?id=CVE-2014-3621
The catalog url replacement in OpenStack Identity (Keystone) before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$(admin_token)" in the publicurl endpoint field. El reemplazo de la URL catalog en OpenStack Identity (Keystone) anterior a versión 2013.2.3 y versiones 2014.1 anteriores a 2014.1.2.1, permite a los usuarios autenticados remotos leer opciones de configuración confidenciales por medio de un endpoint diseñado, como es demostrado por "$(admin_token)" en el campo endpoint de publicurl. A flaw was found in the keystone catalog URL replacement. A user with permissions to register an endpoint could use this flaw to leak configuration data, including the master admin_token. Only keystone setups that allow non-cloud-admin users to create endpoints were affected by this issue. • http://rhn.redhat.com/errata/RHSA-2014-1688.html http://rhn.redhat.com/errata/RHSA-2014-1789.html http://rhn.redhat.com/errata/RHSA-2014-1790.html http://www.openwall.com/lists/oss-security/2014/09/16/10 http://www.ubuntu.com/usn/USN-2406-1 https://bugs.launchpad.net/keystone/+bug/1354208 https://access.redhat.com/security/cve/CVE-2014-3621 https://bugzilla.redhat.com/show_bug.cgi?id=1139937 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2014-3520 – openstack-keystone: Keystone V2 trusts privilege escalation through user supplied project id
https://notcve.org/view.php?id=CVE-2014-3520
OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request. OpenStack Identity (Keystone) anterior a 2013.2.4, 2014.x anterior a 2014.1.2, y Juno anterior a Juno-2 permite a usuarios remotos autenticados en quien se confía ganar acceso a un proyecto no autorizado para el cual el elemento que establece la confianza tiene ciertos roles a través del identificador del proyecto en una solicitud de token de confianza de la API V2. A flaw was found in the way keystone handled trusts. A trustee could use an out-of-scope project ID to gain unauthorized access to a project if the trustor had the required roles for that requested project. • http://lists.openstack.org/pipermail/openstack-announce/2014-July/000248.html http://secunia.com/advisories/59426 https://bugs.launchpad.net/keystone/+bug/1331912 https://access.redhat.com/security/cve/CVE-2014-3520 https://bugzilla.redhat.com/show_bug.cgi?id=1112668 • CWE-863: Incorrect Authorization •
CVSS: 6.0EPSS: 0%CPEs: 3EXPL: 1CVE-2014-3476 – openstack-keystone: privilege escalation through trust chained delegation
https://notcve.org/view.php?id=CVE-2014-3476
OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a (1) trust or (2) OAuth token with impersonation enabled to create a new token with additional roles. OpenStack Identity (Keystone) anterior a 2013.2.4, 2014.1 anterior a 2014.1.2, y Juno anterior a Juno-2 no maneja debidamente la delegación encadenada, lo que permite a usuarios remotos autenticados ganar privilegios mediante el aprovechamiento de un token (1) trust o (2) OAuth con suplantación habilitada para crear un token nuevo con roles adicionales. A flaw was found in keystone's chained delegation. A trustee able to create a delegation from a trust or an OAuth token could misuse identity impersonation to bypass the enforced scope, possibly allowing them to obtain elevated privileges to the trustor's projects and roles. • http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00031.html http://secunia.com/advisories/57886 http://secunia.com/advisories/59547 http://www.openwall.com/lists/oss-security/2014/06/12/3 http://www.securityfocus.com/bid/68026 https://bugs.launchpad.net/keystone/+bug/1324592 https://access.redhat.com/security/cve/CVE-2014-3476 https://bugzilla.redhat.com/show_bug.cgi?id=1104524 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2014-2828 – openstack-keystone: denial of service via V3 API authentication chaining
https://notcve.org/view.php?id=CVE-2014-2828
The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service (CPU consumption) via a large number of the same authentication method in a request, aka "authentication chaining." La API V3 en OpenStack Identity (Keystone) 2013.1 anterior a 2013.2.4 y icehouse anterior a icehouse-rc2 permite a atacantes remotos causar una denegación de servicio (consumo de CPU) a través de un número grande del mismo método de autenticación en una solicitud, también conocido como "encadenamiento de autenticación." A flaw was found in the keystone V3 API. An attacker could send a single request with the same authentication method multiple times, possibly leading to a denial of service due to generating excessive load with minimal requests. Only keystone setups with the V3 API enabled were affected by this issue. • http://rhn.redhat.com/errata/RHSA-2014-1688.html http://www.openwall.com/lists/oss-security/2014/04/10/20 https://bugs.launchpad.net/keystone/+bug/1300274 https://access.redhat.com/security/cve/CVE-2014-2828 https://bugzilla.redhat.com/show_bug.cgi?id=1086211 • CWE-287: Improper Authentication CWE-400: Uncontrolled Resource Consumption •