OSSA-2013-032: Keystone trust circumvention through EC2-style tokens

OSSA-2013-032: Keystone trust circumvention through EC2-style tokens¶

Date:: December 11, 2013
CVE:: CVE-2013-6391

Affects¶

Keystone: Havana and later

Description¶

Steven Hardy from Red Hat reported a vulnerability in Keystone trusts when used in conjunction with the ec2tokens API. By generating EC2 credentials using a trust-scoped token, a trustee may retrieve a token not scoped to the trust, therefore elevating privileges to all of the trustor’s roles. Only Keystone setups enabling EC2-style authentication are affected.

Patches¶

https://review.openstack.org/#/c/61425 (Havana)
https://review.openstack.org/#/c/61419 (Icehouse)

Credits¶

Steven Hardy from Red Hat (CVE-2013-6391)

References¶

https://launchpad.net/bugs/1242597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6391

this page last updated: 2024-03-18 15:52:07

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.