CVE-2020-12689
Published: 7 May 2020
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
Status

Package | Release | Status |
---|---|---|
keystone (Launchpad, Ubuntu, Debian) | bionic | Released (2:13.0.4-0ubuntu1) |
keystone | eoan | Ignored (end of life) |
keystone | focal | Not vulnerable (2:17.0.0-0ubuntu0.20.04.1) |
keystone | groovy | Not vulnerable (2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1) |
keystone | hirsute | Not vulnerable (2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1) |
keystone | impish | Not vulnerable (2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1) |
keystone | jammy | Not vulnerable (2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1) |
keystone | kinetic | Not vulnerable (2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1) |
keystone | lunar | Not vulnerable (2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1) |
keystone | mantic | Not vulnerable (2:18.0.0~b2~git2020073017.b187dfd05-0ubuntu1) |
keystone | trusty | Does not exist |
keystone | upstream | Released (13.0.4, 15.0.1, 16.0.0) |
keystone | xenial | Needed |
Patches (upstream):

- https://opendev.org/openstack/keystone/commit/a405e4b71d7de31e81a01f07e02f189650eb66fe
- https://opendev.org/openstack/keystone/commit/487c7276c7608fb11086b9875b0d7cc7cf594a5a
- https://opendev.org/openstack/keystone/commit/53d1ccb8a1bdbb5aa0efaacf9739b1a6f436e191
Severity score breakdown

Parameter | Value |
---|---|
Base score | 8.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |