Comment 34 for bug 1872733

Nick Tait (nickthetait) wrote : Re: Keystone V3 /credentials endpoint policy logic allows to change credentials owner or target project ID

I support Class A for this. Eagerly awaiting CVE assignment. Simplified the description a little; you are welcome to use this:

kay reported a vulnerability in Keystone's EC2 credentials API. Any authenticated user could create an EC2 credential in a project that they have a specified role on, then modify the credential user and project, allowing them to masquerade as another user. This may enable a malicious user to escalate themselves as an admin, which (in some environments) is equivalent to gaining global admin privileges.