date: 2013-06-13

id: OSSA-2013-015

title: 'Authentication bypass when using LDAP backend'

description: 'Jose Castro Leon from CERN reported a vulnerability in the way the Keystone
  LDAP backend authenticates users. When provided with an empty password, the backend
  would perform an anonymous LDAP bind that would result in successfully authenticating
  the user.  An attacker could therefore easily impersonate and get valid tokens for
  any user. Only Keystone setups using LDAP authentication backend are affected.'

reference: http://lists.openstack.org/pipermail/openstack-announce/2013-June/000111.html

affected-products:

  - product: keystone
    version: Folsom, Grizzly

vulnerabilities:

  - cve-id: CVE-2013-2157
    impact-assessment:
      source: 'Red Hat Product Security'
      rating: important
      assessment:
        type: CVSS2
        score: 5.0
        detail: AV:N/AC:L/Au:N/C:N/I:P/A:N
    classification:
      source: 'Red Hat Product Security'
      type: CWE
      detail: TODO

reporters:

  - name: 'Jose Castro Leon'
    affiliation: CERN
    reported:
      - CVE-2013-2157

issues:

  links:
    - https://launchpad.net/bugs/1187305

  type: launchpad

reviews:

  havana:
    - https://review.openstack.org/#/c/32896

  grizzly:
    - https://review.openstack.org/#/c/32895

  folsom:
    - https://review.openstack.org/#/c/32894

  type: gerrit