CVE-2020-12692

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.

References

Affected packages

Git / github.com/openstack/keystone

Affected ranges

Type

GIT

Repo

https://github.com/openstack/keystone

Events

Introduced

Fixed

95b2bbeab113d9f04d1c81f7f1b48bf692bce979

Introduced

Last affected

dc9e9e32dfbf9fd9c58f9f8e2b35f0bcfd62328e

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "15.0.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "16.0.0"
        }
    ]
}

Affected versions

10.*

10.0.0.0b1

10.0.0.0b2

10.0.0.0b3

10.0.0.0rc1

11.*

11.0.0

11.0.0.0b1

11.0.0.0b2

11.0.0.0b3

11.0.0.0rc1

12.*

12.0.0.0b1

12.0.0.0b2

12.0.0.0b3

12.0.0.0rc1

13.*

13.0.0.0b1

13.0.0.0b2

13.0.0.0b3

13.0.0.0rc1

14.*

14.0.0.0b1

14.0.0.0b2

14.0.0.0rc1

15.*

15.0.0

15.0.0.0rc1

15.0.0.0rc2

16.*

16.0.0

16.0.0.0rc1

16.0.0.0rc2

2011.*

2011.3

2013.*

2013.2.b1

2013.2.b3

2013.2.rc1

2014.*

2014.1.b1

2014.1.b2

2014.1.b3

2014.1.rc1

2014.2.b1

2014.2.b2

2014.2.b3

2014.2.rc1

2015.*

2015.1.0b1

2015.1.0b2

2015.1.0b3

2015.1.0rc1

8.*

8.0.0.0b1

8.0.0.0b2

8.0.0.0b3

8.0.0.0rc1

8.0.0a0

9.*

9.0.0.0b1

9.0.0.0b2

9.0.0.0b3

9.0.0.0rc1

Other

essex-4

essex-rc1

folsom-1

folsom-2

folsom-rc1

grizzly-1

grizzly-2

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "18.04"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-12692.json"