CVE-2015-0259
openstack-nova: console Cross-Site WebSocket hijacking
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage.
OpenStack Compute (Nova) anterior a 2014.1.4, 2014.2.x anterior a 2014.2.3, y kilo anterior a kilo-3 no valida el origen de las solicitudes websocket, lo que permite a atacantes remotos secuestrar la autenticación de usuarios para el acceso a consolas a través de una página web manipulada.
It was discovered that the OpenStack Compute (nova) console websocket did not correctly verify the origin header. An attacker could use this flaw to conduct a cross-site websocket hijack attack. Note that only Compute setups with VNC or SPICE enabled were affected by this flaw.
OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. It was discovered that the OpenStack Compute console websocket did not correctly verify the origin header. An attacker could use this flaw to conduct a cross-site websocket hijack attack. Note that only Compute setups with VNC or SPICE enabled were affected by this flaw.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-11-18 CVE Reserved
- 2015-04-01 CVE Published
- 2024-08-06 CVE Updated
- 2025-05-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-345: Insufficient Verification of Data Authenticity
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://bugs.launchpad.net/nova/+bug/1409142 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.openstack.org/pipermail/openstack-announce/2015-March/000341.html | 2023-02-13 | |
| http://rhn.redhat.com/errata/RHSA-2015-0790.html | 2023-02-13 | |
| http://rhn.redhat.com/errata/RHSA-2015-0843.html | 2023-02-13 | |
| http://rhn.redhat.com/errata/RHSA-2015-0844.html | 2023-02-13 | |
| https://access.redhat.com/security/cve/CVE-2015-0259 | 2015-04-16 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1190112 | 2015-04-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Openstack Search vendor "Openstack" | Nova Search vendor "Openstack" for product "Nova" | >= 2014.1 < 2014.1.4 Search vendor "Openstack" for product "Nova" and version " >= 2014.1 < 2014.1.4" | - |
Affected
| ||||||
| Openstack Search vendor "Openstack" | Nova Search vendor "Openstack" for product "Nova" | >= 2014.2 < 2014.2.3 Search vendor "Openstack" for product "Nova" and version " >= 2014.2 < 2014.2.3" | - |
Affected
| ||||||
| Openstack Search vendor "Openstack" | Nova Search vendor "Openstack" for product "Nova" | 2015.1.0 Search vendor "Openstack" for product "Nova" and version "2015.1.0" | milestone1 |
Affected
| ||||||
| Openstack Search vendor "Openstack" | Nova Search vendor "Openstack" for product "Nova" | 2015.1.0 Search vendor "Openstack" for product "Nova" and version "2015.1.0" | milestone2 |
Affected
| ||||||