[OSSA 2013-015] Authentication bypass when using LDAP backend (CVE-2013-2157)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

OpenStack Security Advisory: 2013-015
CVE: CVE-2013-2157
Date: June 13, 2013
Title: Authentication bypass when using LDAP backend
Reporter: Jose Castro Leon (CERN)
Products: Keystone
Affects: Folsom, Grizzly
Description:
Jose Castro Leon from CERN reported a vulnerability in the way the Keystone LDAP backend authenticates users. When provided with an empty password, the backend would perform an anonymous LDAP bind, and the success of that bind was treated as a successful authentication of the user. An attacker could therefore easily impersonate any user and obtain valid tokens for that user. Only Keystone setups using the LDAP authentication backend are affected.
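The following is an added example, not Keystone's own code, illustrating the defect described above and the shape of the fix. It models the RFC 4513 "unauthenticated bind" semantics with a small stand-in connection class (a real server that accepts a DN with an empty password as an anonymous bind), against a constructed directory entry; the function and DN names are assumptions for the illustration.

```python
"""Added example (not Keystone's code): why an empty password must be rejected
before an LDAP simple bind is attempted, and how that check closes the gap."""

# Constructed stand-in for an LDAP directory. Servers following RFC 4513 treat a
# simple bind that carries a DN but an *empty* password as an "unauthenticated"
# (effectively anonymous) bind and report success, which is the behaviour the
# advisory describes. The entry below is made up for the example.
DIRECTORY = {
    "uid=alice,ou=users,dc=example,dc=com": "correct-horse-battery-staple",
}


class FakeLdapConnection:
    """Minimal model of an LDAP connection's simple_bind_s semantics."""

    def __init__(self):
        self.bound_as = None  # None = anonymous, otherwise the authenticated DN

    def simple_bind_s(self, dn, password):
        # RFC 4513 section 5.1.2: name present but password empty means an
        # unauthenticated bind; the server answers success without checking dn.
        if password == "":
            self.bound_as = None
            return True
        stored = DIRECTORY.get(dn)
        if stored is None or stored != password:
            raise PermissionError("invalid credentials")
        self.bound_as = dn
        return True


def authenticate_vulnerable(user_dn, password):
    """Pre-fix pattern: pass whatever the client sent straight to the bind and
    treat any successful bind as proof that the user authenticated."""
    conn = FakeLdapConnection()
    try:
        conn.simple_bind_s(user_dn, password)
    except PermissionError:
        return False
    return True  # BUG: an empty password reaches here via an anonymous bind


def authenticate_fixed(user_dn, password):
    """Post-fix pattern: refuse empty or missing passwords before touching LDAP,
    and additionally confirm the connection really is bound as the requested DN
    (defence in depth against servers with permissive bind handling)."""
    if not password:
        return False
    conn = FakeLdapConnection()
    try:
        conn.simple_bind_s(user_dn, password)
    except PermissionError:
        return False
    return conn.bound_as == user_dn


if __name__ == "__main__":
    alice = "uid=alice,ou=users,dc=example,dc=com"
    print("vulnerable, empty password:", authenticate_vulnerable(alice, ""))
    print("fixed, empty password:     ", authenticate_fixed(alice, ""))
    print("fixed, real password:      ",
          authenticate_fixed(alice, DIRECTORY[alice]))
```

The second guard in `authenticate_fixed` (checking `bound_as`) is not something every deployment needs, but it makes the authentication decision depend on what the server actually bound as rather than on the absence of an error, which is the property the original code lacked.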
Havana (development branch) fix: https://review.openstack.org/#/c/32896/
Grizzly fix: https://review.openstack.org/#/c/32895/
Folsom fix: https://review.openstack.org/#/c/32894/
References:
https://bugs.launchpad.net/keystone/+bug/1187305
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2157

-- 
Thierry Carrez (ttx)
OpenStack Vulnerability Management Team