CVE-2020-12692

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 07-05-2020 02:15

Last modified: - 27-04-2022 04:49

Total changes: - 3

Description

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

Low

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

5.4

Base score

2.8

2.5

Exploitability score

Impact score

Verification logic

vendor=openstack AND product=keystone AND versionEndExcluding=15.0.1

vendor=openstack AND product=keystone AND version=16.0.0

vendor=canonical AND product=ubuntu_linux AND version=18.04 AND software_edition=lts

Reference

https://www.openwall.com/lists/oss-security/2020/05/06/4
https://bugs.launchpad.net/keystone/+bug/1872737
[oss-security] 20200507 Re: [OSSA-2020-003] Keystone: Keystone does not check signature TTL of the EC2 credential auth method (CVE PENDING)-Mailing List, Third Party Advisory
https://security.openstack.org/ossa/OSSA-2020-003.html
USN-4480-1-Third Party Advisory

Keywords

CVE-2020-12692

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2020-12692

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures