CVE-2017-2673 - Incorrect Authorization vulnerability in Redhat Openstack 10/9

CVSS 7.2 - HIGH
  Attack vector: NETWORK
  Attack complexity: LOW
  Privileges required: HIGH
  Confidentiality impact: HIGH
  Integrity impact: HIGH
  Availability impact: HIGH

Tags: network, low complexity, redhat, CWE-863, nessus

Summary

An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone). An authenticated federated user could request permissions to a project and unintentionally be granted all related roles including administrative roles.

Vulnerable Configurations

Part         Description   Count
Application  Redhat        2

Common Weakness Enumeration (CWE)

CWE-863: Incorrect Authorization

Nessus

NASL family: Ubuntu Local Security Checks
NASL id: UBUNTU_USN-3448-1.NASL
description: Boris Bobrov discovered that OpenStack Keystone incorrectly handled federation mapping when there are rules in which group-based assignments are not used. A remote authenticated user may receive all the roles assigned to a project regardless of the federation mapping, contrary to expectations. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 103811
published: 2017-10-12
reporter: Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/103811
title: Ubuntu 16.04 LTS : keystone vulnerability (USN-3448-1)

Redhat

advisories
  • RHSA-2017:1461
  • RHSA-2017:1597
rpms
  • openstack-keystone-1:9.3.0-2.el7ost
  • python-keystone-1:9.3.0-2.el7ost
  • python-keystone-tests-1:9.3.0-2.el7ost
  • openstack-keystone-1:10.0.1-3.el7ost
  • python-keystone-1:10.0.1-3.el7ost
  • python-keystone-tests-1:10.0.1-3.el7ost