Insufficient Session Expiration

CVE-2020-12690

High

8.8/10

Summary

An issue was discovered in OpenStack Keystone before 15.0.1, 16.0.0.0rc1 through 16.0.0 and 17.0.0.0rc1. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-613 - Insufficient Session Expiration

According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."

References

Advisory
Mail Thread
Advisory
Issue

Advisory Timeline

Published May 07, 2020

Insufficient Session Expiration

CVE-2020-12690

Summary

CWE-613 - Insufficient Session Expiration

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS