OSSA-2014-004: Glance Swift store backend password leak¶

Date:: February 12, 2014
CVE:: CVE-2014-1948

Affects¶

Glance: 2013.2 versions up to 2013.2.1

Description¶

Nikhil Komawar from Rackspace reported an information leak in Glance logs. The password for the Swift store backend is logged at WARNING level as part of the URL when authentication to a store fails if image location is not disabled by policy or the store is a single-tenant configuration. An attacker with access to the logs (local shell, log aggregation system access, or accidental leak) may leverage this vulnerability to elevate privileges and gain direct full access to the Glance Swift store backend. Only Glance setups using the Swift store backend are affected.

Patches¶

https://review.openstack.org/#/c/72473 (Havana)
https://review.openstack.org/#/c/71419 (Icehouse)

Credits¶

Nikhil Komawar from Rackspace (CVE-2014-1948)

References¶

https://launchpad.net/bugs/1275062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1948

OSSA-2014-004: Glance Swift store backend password leak