ossa/ossa/OSSA-2014-007.yaml

58 lines
1.6 KiB
YAML

date: 2014-03-27
id: OSSA-2014-007
title: 'Potential context confusion in Keystone middleware'
description: 'Kieran Spear from the University of Melbourne reported a vulnerability
in Keystone auth_token middleware (shipped in python-keystoneclient). By doing repeated
requests, with sufficient load on the target system, an authenticated user may in
certain situations assume another authenticated user''s complete identity and multi-tenant
authorizations, potentially resulting in a privilege escalation. Note that it is
related to a bad interaction between eventlet and python-memcached that should be
avoided if the calling process already monkey-patches "thread" to use eventlet.
Only keystone middleware setups using auth_token with memcache are vulnerable.'
reference: http://lists.openstack.org/pipermail/openstack-announce/2014-March/000211.html
affected-products:
- product: python-keystoneclient
version: All versions up to 0.6.0
vulnerabilities:
- cve-id: CVE-2014-0105
impact-assessment:
source: 'Red Hat Product Security'
rating: important
assessment:
type: CVSS2
score: 4.3
detail: AV:N/AC:M/Au:N/C:N/I:P/A:N
classification:
source: 'Red Hat Product Security'
type: CWE
detail: TODO
reporters:
- name: 'Kieran Spear'
affiliation: 'University of Melbourne'
reported:
- CVE-2014-0105
issues:
links:
- https://launchpad.net/bugs/1282865
type: launchpad
reviews:
python-keystoneclient-0.7.0:
- https://review.openstack.org/#/c/81078
type: gerrit