#VU14477 Security restrictions bypass in OpenStack Keystone - CVE-2018-14432


Published: August 17, 2018 / Updated: August 21, 2018


Vulnerability identifier: #VU14477
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-14432
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
OpenStack Keystone
Software vendor:
Openstack

Description

The vulnerability allows a remote authenticated attacker to bypass security restrictions on the target system.

The vulnerability exists in the Federation component of Keystone when the /v3/OS-FEDERATION endpoint is enabled via policy.json, due to an error when handling malicious input. A remote attacker can submit an authenticated "GET /v3/OS-FEDERATION/projects" request, bypass the intended access restrictions on listing projects, and discover projects they have no authority to access, leaking all projects in the deployment together with their attributes.
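The following is an added defender-side example, not part of this advisory or of the Keystone project: it checks a Keystone version string against the fixed releases named below and flags successful GET requests to the federated project listing in access logs, so an operator can see whether an unpatched deployment has been serving that endpoint. The Apache-style combined log format and the sample lines are constructed assumptions; the version check assumes every release older than 11.0.4 is affected.

```python
import re
from typing import List, Tuple

# Fixed releases named in the advisory; 11.0.4 is the earliest of them.
EARLIEST_FIXED = (11, 0, 4)
# Endpoint named in the advisory.
FEDERATION_PROJECTS_PATH = "/v3/OS-FEDERATION/projects"

def parse_version(text: str) -> Tuple[int, int, int]:
    """Turn '11.0.3' into (11, 0, 3); missing parts become 0."""
    parts = []
    for piece in text.split("."):
        digits = re.match(r"\d+", piece)
        if not digits:
            break
        parts.append(int(digits.group()))
    return tuple((parts + [0, 0, 0])[:3])

def is_vulnerable_version(version: str) -> bool:
    """Assumption: any release older than 11.0.4 is treated as affected."""
    return parse_version(version) < EARLIEST_FIXED

# Constructed sample access log (Apache-style combined format is an assumption
# about how a Keystone API fronted by httpd records requests).
SAMPLE_LOG = """\
10.0.0.5 - - [17/Aug/2018:10:01:02 +0000] "GET /v3/projects HTTP/1.1" 200 512
10.0.0.7 - - [17/Aug/2018:10:01:09 +0000] "GET /v3/OS-FEDERATION/projects HTTP/1.1" 200 48231
10.0.0.7 - - [17/Aug/2018:10:01:10 +0000] "GET /v3/OS-FEDERATION/projects?limit=1000 HTTP/1.1" 200 51002
10.0.0.9 - - [17/Aug/2018:10:02:00 +0000] "POST /v3/auth/tokens HTTP/1.1" 201 1200
"""

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+)'
)

def find_federation_project_listings(log_text: str) -> List[dict]:
    """Return successful GETs of the federated project listing.
    On an unpatched deployment, an unexpectedly large response body here for a
    user who should see only a few projects is the symptom the advisory describes."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]  # drop the query string
        if m.group("method") == "GET" and path == FEDERATION_PROJECTS_PATH \
                and m.group("status") == "200":
            hits.append({"src": m.group("src"), "ts": m.group("ts"),
                         "bytes": int(m.group("size"))})
    return hits
```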


Remediation

The vulnerability has been fixed in versions 11.0.4, 12.0.0, and 13.0.0.

External links