Vulnerability DatabaseCVE-2020-12691
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2020-12691
May 06, 2020
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
Affected Packages
keystone (PYTHON):
Affected version(s) >=0.1 <15.0.1
Fix Suggestion:
Update to version 15.0.1
keystone (PYTHON):
Affected version(s) =16.0.0 <16.0.1
Fix Suggestion:
Update to version 16.0.1
Related Resources (16)
https://usn.ubuntu.com/4480-1
http://www.openwall.com/lists/oss-security/2020/05/07/2
https://nvd.nist.gov/vuln/detail/CVE-2020-12691
https://bugs.launchpad.net/keystone/+bug/1872733
https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa@%3Ccommits.druid.apache.org%3E
https://usn.ubuntu.com/4480-1/
https://github.com/openstack/keystone
https://security.openstack.org/ossa/OSSA-2020-004.html
https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E
https://github.com/openstack/keystone/commit/40cbb7bebd50276412daa1981ff5a7c7b3b899a5
https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E
https://github.com/openstack/keystone/commit/37e9907a176dad6843819b1bec4946c3aecc4548
https://github.com/openstack/keystone/commit/95b2bbeab113d9f04d1c81f7f1b48bf692bce979
https://www.openwall.com/lists/oss-security/2020/05/06/5
https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2020-55.yaml
Do you need more information?
Contact Us
CVSS v4
Base Score:
8.7
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
HIGH
Vulnerable System Availability
HIGH
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
CVSS v2
Base Score:
6.5
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
Weakness Type (CWE)
Missing Encryption of Sensitive Data
CWE-311
Incorrect Authorization
CWE-863
EPSS
Base Score:
3.57