CVE-2012-5571

OpenStack: Keystone EC2-style credentials invalidation issue

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role.

OpenStack Keystone Essex (2012.1) and Folsom (2012.2) no controlan correctamente los token EC2 cuando la función de usuario se ha eliminado de un inquilino, lo que permite a usuarios autenticados remotamente eludir las restricciones previstas al aprovechar un token para la función de usuario eliminado.

The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token, Catalog, and Policy services. The openstack-keystone packages have been upgraded to upstream version 2012.1.3, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following security issues: It was found that Keystone did not correctly handle users being removed from tenants when Amazon Elastic Compute Cloud style credentials were in use. When a user was removed from a tenant, they retained the privileges provided by that tenant, allowing them to access resources they should no longer have access to.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

Single

Confidentiality

None

Integrity

Partial

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2012-10-24 CVE Reserved
2012-11-29 CVE Published
2024-08-06 CVE Updated
2025-06-05 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-255: Credentials Management Errors

CAPEC

References (16)

URL	Tag	Source
http://www.securityfocus.com/bid/56726	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/80333	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://www.openwall.com/lists/oss-security/2012/11/28/5	2017-08-29
http://www.openwall.com/lists/oss-security/2012/11/28/6	2017-08-29
https://bugs.launchpad.net/keystone/+bug/1064914	2017-08-29
https://github.com/openstack/keystone/commit/37308dd4f3e33f7bd0f71d83fd51734d1870713b	2017-08-29
https://github.com/openstack/keystone/commit/8735009dc5b895db265a1cd573f39f4acfca2a19	2017-08-29
https://github.com/openstack/keystone/commit/9d68b40cb9ea818c48152e6c712ff41586ad9653	2017-08-29

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html	2017-08-29
http://rhn.redhat.com/errata/RHSA-2012-1556.html	2017-08-29
http://rhn.redhat.com/errata/RHSA-2012-1557.html	2017-08-29
http://secunia.com/advisories/51423	2017-08-29
http://secunia.com/advisories/51436	2017-08-29
http://www.ubuntu.com/usn/USN-1641-1	2017-08-29
https://access.redhat.com/security/cve/CVE-2012-5571	2012-12-10
https://bugzilla.redhat.com/show_bug.cgi?id=880399	2012-12-10

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Openstack Search vendor "Openstack"		Essex Search vendor "Openstack" for product "Essex"				2012.1 Search vendor "Openstack" for product "Essex" and version "2012.1"		-		Affected
Openstack Search vendor "Openstack"		Folsom Search vendor "Openstack" for product "Folsom"				2012.2 Search vendor "Openstack" for product "Folsom" and version "2012.2"		-		Affected