CVE-2012-3426
Ubuntu Security Notice USN-1552-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by (1) creating new tokens through token chaining, (2) leveraging possession of a token for a disabled user account, or (3) leveraging possession of a token for an account with a changed password.
OpenStack Keystone antes de v2012.1.1, como se usa en OpenStack Folsom antes de Folsom-1 y OpenStack Essex, no implementan apropiadamente la expiración de los token, lo que permite a usuarios autenticados remotamente evitar restricciones de acceso (1) creando nuevos token a través de la cadena de token, (2) aprovechando la posesión de un token de una cuenta de usuario deshabilitada o (3) aprovechando la posesión de un token de una cuenta con una contraseña cambiada
Dolph Mathews discovered that OpenStack Keystone did not properly restrict to administrative users the ability to update users' tenants. A remote attacker that can reach the administrative API can use this to add any user to any tenant. Derek Higgins discovered that OpenStack Keystone did not properly implement token expiration. A remote attacker could use this to continue to access an account that has been disabled or has a changed password. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-06-14 CVE Reserved
- 2012-07-31 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| http://github.com/openstack/keystone/commit/29e74e73a6e51cffc0371b32354558391826a4aa | X_refsource_confirm | |
| http://github.com/openstack/keystone/commit/a67b24878a6156eab17b9098fa649f0279256f5d | X_refsource_confirm | |
| http://github.com/openstack/keystone/commit/d9600434da14976463a0bd03abd8e0309f0db454 | X_refsource_confirm | |
| http://secunia.com/advisories/50045 | Third Party Advisory | |
| http://secunia.com/advisories/50494 | Third Party Advisory | |
| https://bugs.launchpad.net/keystone/+bug/996595 | X_refsource_confirm | |
| https://bugs.launchpad.net/keystone/+bug/997194 | X_refsource_confirm | |
| https://bugs.launchpad.net/keystone/+bug/998185 | X_refsource_confirm |
| URL | Date | SRC |
|---|---|---|
| http://www.ubuntu.com/usn/USN-1552-1 | 2012-09-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Openstack Search vendor "Openstack" | Essex Search vendor "Openstack" for product "Essex" | * | - |
Affected
| ||||||
| Openstack Search vendor "Openstack" | Horizon Search vendor "Openstack" for product "Horizon" | folsom-1 Search vendor "Openstack" for product "Horizon" and version "folsom-1" | - |
Affected
| ||||||
| Openstack Search vendor "Openstack" | Keystone Search vendor "Openstack" for product "Keystone" | 2012.1 Search vendor "Openstack" for product "Keystone" and version "2012.1" | - |
Affected
| ||||||
| Openstack Search vendor "Openstack" | Keystone Search vendor "Openstack" for product "Keystone" | 2012.1.1 Search vendor "Openstack" for product "Keystone" and version "2012.1.1" | - |
Affected
| ||||||