[Openstack] Security Breach! Tenant A is seeing the VNC Consoles of Tenant B!

gustavo panizzo <gfa> gfa at zumbi.com.ar
Mon Dec 23 18:53:52 UTC 2013


is the user member of the two tenants?

"Martinx - ジェームズ" <thiagocmartinsc at gmail.com> wrote:
>Stackers!
>
>I need a bit help here...
>
>My OpenStack Havana (Ubuntu 12.04.3) was working smoothly and, I don't
>know
>what had happened here but, now, I'm seeing some weird problems.
>
>Right now, the "Tenant A" is seeing the VNC Consoles of "Tenant B" !!!
>
>How is that even possible?! There is no authentication here to deal
>with
>this kind of things!? I'm really worried about this.
>
>Look:
>
>"Tenant A" Instances:
>
>[image: Inline images 1]
>
>
>"Tenant A" accessing the VNC Console of a "Tenant B" Instance!!!
>
>[image: Inline images 2]
>
>
>This is a very serious problem, since I'm giving to the "Tenant A",
>almost
>total access to "Tenant B" Instances!! This kind of situation should
>NEVER
>occur!
>
>What can I do to completely block this?
>
>I just started a new Instance for "Tenant A", and I'm seeing ANOTHER
>VNC
>Console from "Tenant B"!!
>
>Regards,
>Thiago
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Mailing list:
>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>Post to     : openstack at lists.openstack.org
>Unsubscribe :
>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

--
1AE0 322E B8F7 4717 BDEA BF1D 44BB 1BA7 9F6C 6333
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20131223/991b4972/attachment.html>


More information about the Openstack mailing list