CVE-2019-17134
openstack-octavia: amphora-agent not requiring client certificate
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve information or issue configuration commands via simple HTTP requests to the Agent on port https/9443, because the cmd/agent.py gunicorn cert_reqs option is True but is supposed to be ssl.CERT_REQUIRED.
Amphora Images en OpenStack Octavia versiones posteriores e incluyendo a 0.10.0 anteriores a 2.1.2, versiones posteriores e incluyendo a 3.0.0 anteriores a 3.2.0, versiones posteriores e incluyendo a 4.0.0 anteriores a 4.1.0, permite a cualquier persona con acceso a la red de administración omitir la autenticación basada en el certificado del cliente y recuperar información o emitir comandos de configuración mediante peticiones HTTP simples hacia el Agente sobre el puerto https/9443, porque la opción gunicorn cert_reqs del archivo cmd/agent.py es True pero se supone que es ssl.CERT_REQUIRED.
A certificate-validation error has been found in Octavia's amphora-agent, where an attacker with management-network access could bypass an amphora's client-certificate based authentication. Because the agent's HTTP server (gunicorn) had 'cert_reqs' set to 'True' instead of 'ssl.CERT_REQUIRED', information could be retrieved or configuration updated without a client certificate.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-10-04 CVE Reserved
- 2019-10-08 CVE Published
- 2024-02-01 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
- CWE-471: Modification of Assumed-Immutable Data (MAID)
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| https://storyboard.openstack.org/#%21/story/2006660 | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://review.opendev.org/686541 | 2023-11-07 | |
| https://review.opendev.org/686543 | 2023-11-07 | |
| https://review.opendev.org/686544 | 2023-11-07 | |
| https://review.opendev.org/686545 | 2023-11-07 | |
| https://review.opendev.org/686546 | 2023-11-07 | |
| https://review.opendev.org/686547 | 2023-11-07 | |
| https://security.openstack.org/ossa/OSSA-2019-005.html | 2023-11-07 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2019:3743 | 2023-11-07 | |
| https://access.redhat.com/errata/RHSA-2019:3788 | 2023-11-07 | |
| https://access.redhat.com/errata/RHSA-2020:0721 | 2023-11-07 | |
| https://usn.ubuntu.com/4153-1 | 2023-11-07 | |
| https://access.redhat.com/security/cve/CVE-2019-17134 | 2020-03-05 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1761307 | 2020-03-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Opendev Search vendor "Opendev" | Octavia Search vendor "Opendev" for product "Octavia" | >= 0.10.0 < 2.1.2 Search vendor "Opendev" for product "Octavia" and version " >= 0.10.0 < 2.1.2" | openstack |
Affected
| ||||||
| Opendev Search vendor "Opendev" | Octavia Search vendor "Opendev" for product "Octavia" | >= 3.0.0 < 3.2.0 Search vendor "Opendev" for product "Octavia" and version " >= 3.0.0 < 3.2.0" | openstack |
Affected
| ||||||
| Opendev Search vendor "Opendev" | Octavia Search vendor "Opendev" for product "Octavia" | >= 4.0.0 < 4.1.0 Search vendor "Opendev" for product "Octavia" and version " >= 4.0.0 < 4.1.0" | openstack |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 19.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "19.04" | - |
Affected
| ||||||