Add OSSA-2014-026, OSSA-2014-027
This commit is contained in:
parent
aada49f83d
commit
0075906965
|
@ -0,0 +1,71 @@
|
|||
{
|
||||
"advisory": {
|
||||
"date": "2014-08-15",
|
||||
"description" : "Lance Bragstad from Rackspace and Brant Knudson from IBM reported 3 vulnerabilities in Keystone revocation events. Lance Bragstad discovered that UUID v2 tokens processed by the V3 API are incorrectly updated and get their \"issued_at\" time regenerated (CVE-2014-5252). Brant Knudson discovered that the MySQL token driver stores expiration dates incorrectly which prevents manual revocation (CVE-2014-5251) and that domain-scoped tokens don't get revoked when the domain is disabled (CVE-2014-5253). Tokens impacted by one of these bugs may allow a user to evade token revocation. Only Keystone setups configured to use revocation events are affected.",
|
||||
"id": "2014-026",
|
||||
"title": "Multiple vulnerabilities in Keystone revocation events",
|
||||
"url": "http://lists.openstack.org/pipermail/openstack-announce/2014-August/000264.html"
|
||||
},
|
||||
"affects": [
|
||||
{
|
||||
"product": "keystone",
|
||||
"version": "2014.1 versions up to 2014.1.1"
|
||||
}
|
||||
],
|
||||
"bugs": [
|
||||
"1347961",
|
||||
"1348820",
|
||||
"1349597"
|
||||
],
|
||||
"notes": "These fixes will be included in the Juno-3 development milestone and are already included in the 2014.1.2.1 release.",
|
||||
"reporters": [
|
||||
{
|
||||
"company": "Rackspace",
|
||||
"name": "Lance Bragstad"
|
||||
},
|
||||
{
|
||||
"company": "IBM",
|
||||
"name": "Brant Knudson"
|
||||
}
|
||||
],
|
||||
"reviews": [
|
||||
"111106",
|
||||
"109747",
|
||||
"109819",
|
||||
"109820",
|
||||
"112087",
|
||||
"111772",
|
||||
"112083",
|
||||
"112084"
|
||||
],
|
||||
"schema_version": 1,
|
||||
"vulnerabilities": [
|
||||
{
|
||||
"cve": "CVE-2014-5252",
|
||||
"cvss": {
|
||||
"base_score": "4.9",
|
||||
"scoring_vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"
|
||||
},
|
||||
"cwe": "TODO",
|
||||
"impact": "low"
|
||||
},
|
||||
{
|
||||
"cve": "CVE-2014-5251",
|
||||
"cvss": {
|
||||
"base_score": "4.9",
|
||||
"scoring_vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"
|
||||
},
|
||||
"cwe": "TODO",
|
||||
"impact": "low"
|
||||
},
|
||||
{
|
||||
"cve": "CVE-2014-5253",
|
||||
"cvss": {
|
||||
"base_score": "4.9",
|
||||
"scoring_vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"
|
||||
},
|
||||
"cwe": "TODO",
|
||||
"impact": "low"
|
||||
}
|
||||
]
|
||||
}
|
|
@ -0,0 +1,46 @@
|
|||
{
|
||||
"advisory": {
|
||||
"date": "2014-08-19",
|
||||
"description": "Dennis Felsch and Mario Heiderich from the Horst Görtz Institute for IT-Security, Ruhr-University Bochum reported a persistent XSS in Horizon. A malicious administrator may conduct a persistent XSS attack by registering a malicious host aggregate in Horizon Host Aggregate interface. Once executed in a legitimate context this attack may reveal another admin token, potentially resulting in a lateral privilege escalation. All Horizon setups are affected.",
|
||||
"id": "2014-027",
|
||||
"title": "Persistent XSS in Horizon Host Aggregates interface",
|
||||
"url": "http://lists.openstack.org/pipermail/openstack-announce/2014-August/000266.html"
|
||||
},
|
||||
"affects": [
|
||||
{
|
||||
"product": "horizon",
|
||||
"version": "up to 2013.2.3, and 2014.1 versions up to 2014.1.2"
|
||||
}
|
||||
],
|
||||
"bugs": [
|
||||
"1349491"
|
||||
],
|
||||
"notes": "This fix will be included in the Juno-3 development milestone and in future 2013.2.4 and 2014.1.3 releases.",
|
||||
"reporters": [
|
||||
{
|
||||
"company": "Ruhr-University Bochum",
|
||||
"name": "Dennis Felsch"
|
||||
},
|
||||
{
|
||||
"company": "Ruhr-University Bochum",
|
||||
"name": "Mario Heiderich"
|
||||
}
|
||||
],
|
||||
"reviews": [
|
||||
"115310",
|
||||
"115311",
|
||||
"115313"
|
||||
],
|
||||
"schema_version": 1,
|
||||
"vulnerabilities": [
|
||||
{
|
||||
"cve": "CVE-2014-3594",
|
||||
"cvss": {
|
||||
"base_score": "4.3",
|
||||
"scoring_vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"
|
||||
},
|
||||
"cwe": "CWE-79",
|
||||
"impact": "moderate"
|
||||
}
|
||||
]
|
||||
}
|
Loading…
Reference in New Issue