CVE-2012-3426

Severity Score

4.9

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by (1) creating new tokens through token chaining, (2) leveraging possession of a token for a disabled user account, or (3) leveraging possession of a token for an account with a changed password.

OpenStack Keystone antes de v2012.1.1, como se usa en OpenStack Folsom antes de Folsom-1 y OpenStack Essex, no implementan apropiadamente la expiración de los token, lo que permite a usuarios autenticados remotamente evitar restricciones de acceso (1) creando nuevos token a través de la cadena de token, (2) aprovechando la posesión de un token de una cuenta de usuario deshabilitada o (3) aprovechando la posesión de un token de una cuenta con una contraseña cambiada

*Credits: N/A

CVSS Scores

NISTv2 4.9

Attack Vector

Network

Attack Complexity

Medium

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2012-06-14 CVE Reserved
2012-07-31 CVE Published
2023-06-21 EPSS Updated
2024-08-06 CVE Updated
2024-08-06 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-264: Permissions, Privileges, and Access Controls

CAPEC

References (14)

URL	Tag	Source
http://github.com/openstack/keystone/commit/29e74e73a6e51cffc0371b32354558391826a4aa	X_refsource_confirm
http://github.com/openstack/keystone/commit/a67b24878a6156eab17b9098fa649f0279256f5d	X_refsource_confirm
http://github.com/openstack/keystone/commit/d9600434da14976463a0bd03abd8e0309f0db454	X_refsource_confirm
http://secunia.com/advisories/50045	Third Party Advisory
http://secunia.com/advisories/50494	Third Party Advisory
https://bugs.launchpad.net/keystone/+bug/996595	X_refsource_confirm
https://bugs.launchpad.net/keystone/+bug/997194	X_refsource_confirm
https://bugs.launchpad.net/keystone/+bug/998185	X_refsource_confirm

URL	Date	SRC
http://github.com/openstack/keystone/commit/628149b3dc6b58b91fd08e6ca8d91c728ccb8626	2024-08-06
http://github.com/openstack/keystone/commit/ea03d05ed5de0c015042876100d37a6a14bf56de	2024-08-06

URL	Date	SRC
http://github.com/openstack/keystone/commit/375838cfceb88cacc312ff6564e64eb18ee6a355	2012-09-07
http://www.openwall.com/lists/oss-security/2012/07/27/4	2012-09-07
https://launchpad.net/keystone/essex/2012.1.1/+download/keystone-2012.1.1.tar.gz	2012-09-07

URL	Date	SRC
http://www.ubuntu.com/usn/USN-1552-1	2012-09-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Openstack Search vendor "Openstack"		Essex Search vendor "Openstack" for product "Essex"				*		-		Affected
Openstack Search vendor "Openstack"		Horizon Search vendor "Openstack" for product "Horizon"				folsom-1 Search vendor "Openstack" for product "Horizon" and version "folsom-1"		-		Affected
Openstack Search vendor "Openstack"		Keystone Search vendor "Openstack" for product "Keystone"				2012.1 Search vendor "Openstack" for product "Keystone" and version "2012.1"		-		Affected
Openstack Search vendor "Openstack"		Keystone Search vendor "Openstack" for product "Keystone"				2012.1.1 Search vendor "Openstack" for product "Keystone" and version "2012.1.1"		-		Affected