CVE-2020-12689
Published: 7 May 2020
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
keystone Launchpad, Ubuntu, Debian |
bionic |
Released
(2:13.0.4-0ubuntu1)
|
| eoan |
Ignored
(end of life)
|
|
| focal |
Not vulnerable
(2:17.0.0-0ubuntu0.20.04.1)
|
|
| groovy |
Not vulnerable
(2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1)
|
|
| hirsute |
Not vulnerable
(2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1)
|
|
| impish |
Not vulnerable
(2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1)
|
|
| jammy |
Not vulnerable
(2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1)
|
|
| kinetic |
Not vulnerable
(2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1)
|
|
| lunar |
Not vulnerable
(2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1)
|
|
| mantic |
Not vulnerable
(2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(13.0.4,15.0.1,16.0.0)
|
|
| xenial |
Needed
|
|
|
Patches: upstream: https://opendev.org/openstack/keystone/commit/a405e4b71d7de31e81a01f07e02f189650eb66fe upstream: https://opendev.org/openstack/keystone/commit/487c7276c7608fb11086b9875b0d7cc7cf594a5a upstream: https://opendev.org/openstack/keystone/commit/53d1ccb8a1bdbb5aa0efaacf9739b1a6f436e191 |
||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 8.8 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |