Vulnerability Details : CVE-2012-3426
OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by (1) creating new tokens through token chaining, (2) leveraging possession of a token for a disabled user account, or (3) leveraging possession of a token for an account with a changed password.
Products affected by CVE-2012-3426
- cpe:2.3:a:openstack:essex:*:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:horizon:folsom-1:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:keystone:2012.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:keystone:2012.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-3426
- EPSS score: 0.25% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~62% (the proportion of vulnerabilities scored at or below this score)
CVSS scores for CVE-2012-3426
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9 | MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:N | 6.8 | 4.9 | NIST | |
CWE ids for CVE-2012-3426
- Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-3426
- http://github.com/openstack/keystone/commit/628149b3dc6b58b91fd08e6ca8d91c728ccb8626 : Invalidate user tokens when a user is disabled · openstack/keystone@628149b · GitHub (tags: Exploit, Patch)
- http://github.com/openstack/keystone/commit/375838cfceb88cacc312ff6564e64eb18ee6a355 : Carrying over token expiry time when token chaining · openstack/keystone@375838c · GitHub (tags: Patch)
- https://bugs.launchpad.net/keystone/+bug/997194 : Bug #997194 “[OSSA 2012-010] Tokens remain valid after a user ac...” : Bugs : OpenStack Identity (keystone)
- http://github.com/openstack/keystone/commit/ea03d05ed5de0c015042876100d37a6a14bf56de : Invalidate user tokens when password is changed · openstack/keystone@ea03d05 · GitHub (tags: Exploit, Patch)
- http://www.ubuntu.com/usn/USN-1552-1 : USN-1552-1: OpenStack Keystone vulnerabilities | Ubuntu security notices
- https://launchpad.net/keystone/essex/2012.1.1/+download/keystone-2012.1.1.tar.gz (tags: Patch)
- http://www.openwall.com/lists/oss-security/2012/07/27/4 : oss-security - [OSSA 2012-010] Various Keystone token expiration issues (CVE-2012-3426) (tags: Patch)
- http://github.com/openstack/keystone/commit/a67b24878a6156eab17b9098fa649f0279256f5d : Invalidate user tokens when password is changed · openstack/keystone@a67b248 · GitHub
- http://github.com/openstack/keystone/commit/29e74e73a6e51cffc0371b32354558391826a4aa : Carrying over token expiry time when token chaining · openstack/keystone@29e74e7 · GitHub
- https://bugs.launchpad.net/keystone/+bug/996595 : Bug #996595 “[OSSA 2012-010] Following a password compromise and...” : Bugs : OpenStack Identity (keystone)
- http://github.com/openstack/keystone/commit/d9600434da14976463a0bd03abd8e0309f0db454 : Invalidate user tokens when a user is disabled · openstack/keystone@d960043 · GitHub
- https://bugs.launchpad.net/keystone/+bug/998185 : Bug #998185 “[OSSA 2012-010] Once a token is created/distributed...” : Bugs : OpenStack Identity (keystone)