OpenStack Security Advisory: 2012-001 CVE: CVE-2012-0030 Date: January 11, 2012 Title: Tenant bypass by authenticated users using OpenStack API Impact: Critical Reporters: Nachi Ueno, Rohit Karajgi, Venkatesan Ravikumar Products: Nova Affects: 2011.3, Essex Description: Nachi Ueno (NTT PF lab), Rohit Karajgi (Vertex) and Venkatesan Ravikumar (HP) discovered a vulnerability in Nova API nodes handling of incoming requests. An authenticated user may craft malicious commands to affect resources on tenants he is not a member of, potentially leading to incorrect billing, quota escaping or compromise of computing resources created by a third-party. Only setups allowing the OpenStack API are affected. Fixes: Essex: https://github.com/openstack/nova/commit/c9c09bd60e7a0e0258d218a31d7878755bea1395 2011.3: https://github.com/openstack/nova/commit/3d4ffb64f1e18117240c26809788528979e3bd15 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0030 https://bugs.launchpad.net/nova/+bug/904072 Notes: This fix will be included in the Essex-3 development milestone and in the 2011.3.1 release, expected next week. -- Thierry Carrez (ttx) OpenStack Vulnerability Management Team