// For flags

CVE-2018-14432

openstack-keystone: Information Exposure through /v3/OS-FEDERATION/projects

Severity Score

5.3
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no authority to access, leaking all projects in the deployment and their attributes. Only Keystone with the /v3/OS-FEDERATION endpoint enabled via policy.json is affected.

En el componente Federation de OpenStack Keystone en versiones anteriores a la 11.0.4, 12.0.0 y 13.0.0, una petición "GET /v3/OS-FEDERATION/projects" autenticada podría omitir las restricciones de acceso planeadas en los proyectos en lista. Un usuario autenticado podría descubrir proyectos a los que no están autorizados a acceder, filtrando todos los proyectos desplegados y sus atributos. Solo se ha visto afectado Keystone con el endpoint /v3/OS-FEDERATION habilitado mediante policy.json.

A flaw was found in Keystone federation. By doing GET /v3/OS-FEDERATION/projects an authenticated user may discover projects they have no authority to access, leaking all projects in the deployment and their attributes. Only Keystone with the /v3/OS-FEDERATION endpoint enabled via policy.json is affected.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
Single
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-07-19 CVE Reserved
  • 2018-07-31 CVE Published
  • 2024-02-24 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
9.0
Search vendor "Debian" for product "Debian Linux" and version "9.0"
-
Affected
Redhat
Search vendor "Redhat"
Openstack
Search vendor "Redhat" for product "Openstack"
10
Search vendor "Redhat" for product "Openstack" and version "10"
-
Affected
Redhat
Search vendor "Redhat"
Openstack
Search vendor "Redhat" for product "Openstack"
12
Search vendor "Redhat" for product "Openstack" and version "12"
-
Affected
Redhat
Search vendor "Redhat"
Openstack
Search vendor "Redhat" for product "Openstack"
13
Search vendor "Redhat" for product "Openstack" and version "13"
-
Affected
Openstack
Search vendor "Openstack"
Keystone
Search vendor "Openstack" for product "Keystone"
< 11.0.4
Search vendor "Openstack" for product "Keystone" and version " < 11.0.4"
-
Affected
Openstack
Search vendor "Openstack"
Keystone
Search vendor "Openstack" for product "Keystone"
12.0.0
Search vendor "Openstack" for product "Keystone" and version "12.0.0"
-
Affected
Openstack
Search vendor "Openstack"
Keystone
Search vendor "Openstack" for product "Keystone"
13.0.0
Search vendor "Openstack" for product "Keystone" and version "13.0.0"
-
Affected