PT-2020-13208 · Openstack+1 · Openstack Keystone+1

Kay · Published 2020-05-06 · Updated 2022-05-24

CVE-2020-12691
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
OpenStack Keystone versions prior to 15.0.1
OpenStack Keystone version 16.0.0

Description
An issue allows any authenticated user to create an EC2 credential for themselves for a project they have a specified role on. The user can then update the credential's user and project, enabling them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, effectively granting that user global admin privileges.

Recommendations
For OpenStack Keystone versions prior to 15.0.1, update to version 15.0.1 or later. For OpenStack Keystone version 16.0.0, consider disabling the EC2 credential creation feature until a patch is available.

Fix

Weakness Enumeration

Incorrect Authorization
Missing Encryption of Sensitive Data

Related Identifiers

CVE-2020-12691
DSA-4679-1
GHSA-4427-7F3W-MQV6
PYSEC-2020-55
RHSA-2020:2732
RHSA-2020:3096
RHSA-2020:3102
RHSA-2020:3105
USN-4480-1

Affected Products

Openstack Keystone
Ubuntu