CVE-2020-12690 Information

Description

An issue was discovered in OpenStack Keystone before 15.0.1 and in 16.0.0. The list of roles provided when creating an OAuth1 access token is silently ignored. Thus, when that access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project, not only the subset that was requested. The resulting keystone token therefore carries more role assignments than the creator intended, possibly giving unintended escalated access.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.openwall.com/lists/oss-security/2020/05/07/3
https://bugs.launchpad.net/keystone/+bug/1873290
https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@3Ccommits.druid.apache.org3E
https://security.openstack.org/ossa/OSSA-2020-005.html
https://usn.ubuntu.com/4480-1/
https://www.openwall.com/lists/oss-security/2020/05/06/6

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

8.8

Base Severity

HIGH
