ID CVE-2015-1852 Type cve Reporter NVD Modified 2016-12-23T21:59:06
Description
The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144.
{"title": "CVE-2015-1852", "reporter": "NVD", "enchantments": {"vulnersScore": 4.3}, "published": "2015-04-17T13:59:02", "cvelist": ["CVE-2015-1852"], "viewCount": 2, "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1852", "bulletinFamily": "NVD", "hashmap": [{"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "8ba0923dfe5ef2d03e6d22a3479f4239", "key": "cpe"}, {"hash": "1085e5e204bcd591706a7f4627ea4e6c", "key": "cvelist"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "6747a22760bcec85d310a55fd8a17c1e", "key": "description"}, {"hash": "07c9d985efe9d820253a250ccdb83363", "key": "href"}, {"hash": "12458f062704a7394a3fe0a59424c88f", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "741ea96d0388f91d380b00c437b804dc", "key": "published"}, {"hash": "8a72a13454ab1612c93dd40c65492607", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "3a96e93d98be0496cf971c6322b2b4de", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "history": [{"bulletin": {"reporter": "NVD", "published": "2015-04-17T13:59:02", "cvelist": ["CVE-2015-1852"], "title": "CVE-2015-1852", "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1852", "bulletinFamily": "NVD", "id": "CVE-2015-1852", "history": [], "scanner": [], "cpe": ["cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~", "cpe:/a:openstack:python-keystoneclient:1.3.0", "cpe:/a:openstack:keystonemiddleware:1.5.0"], "modified": "2016-08-02T14:30:44", "hash": "c1cb202a8d312c47b1c8555735c0a3bd9ab1c6b645824d05f39a66f05feca20b", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "viewCount": 0, "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "references": ["http://lists.openstack.org/pipermail/openstack-announce/2015-April/000350.html", "http://www.securityfocus.com/bid/74187", "http://www.ubuntu.com/usn/USN-2705-1", "https://bugs.launchpad.net/keystonemiddleware/+bug/1411063"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "741ea96d0388f91d380b00c437b804dc", "key": "published"}, {"hash": "4b4370f118a3736c1ab5ec3563292e9d", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "8ba0923dfe5ef2d03e6d22a3479f4239", "key": "cpe"}, {"hash": "07c9d985efe9d820253a250ccdb83363", "key": "href"}, {"hash": "a6c532fed3e983ebe189a45491fbdd13", "key": "modified"}, {"hash": "1085e5e204bcd591706a7f4627ea4e6c", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "3a96e93d98be0496cf971c6322b2b4de", "key": "title"}, {"hash": "6747a22760bcec85d310a55fd8a17c1e", "key": "description"}], "lastseen": "2016-09-03T22:12:35", "description": "The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the \"insecure\" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144."}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T22:12:35"}], "scanner": [], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "modified": "2016-12-23T21:59:06", "hash": "e7bae588e752dc2619246085b26fee446b56143f2d04595239e779d0166bd97f", "cpe": ["cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~", "cpe:/a:openstack:python-keystoneclient:1.3.0", "cpe:/a:openstack:keystonemiddleware:1.5.0"], "edition": 2, "description": "The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the \"insecure\" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144.", "references": ["http://lists.openstack.org/pipermail/openstack-announce/2015-April/000350.html", "http://www.securityfocus.com/bid/74187", "http://www.ubuntu.com/usn/USN-2705-1", "http://rhn.redhat.com/errata/RHSA-2015-1685.html", "http://rhn.redhat.com/errata/RHSA-2015-1677.html", "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "https://bugs.launchpad.net/keystonemiddleware/+bug/1411063"], "id": "CVE-2015-1852", "lastseen": "2017-04-18T15:56:15", "assessment": {"name": "", "href": "", "system": ""}}
{"result": {"nessus": [{"id": "FEDORA_2015-11656.NASL", "type": "nessus", "title": "Fedora 22 : python-keystonemiddleware-1.3.2-1.fc22 (2015-11656)", "description": "Update to upstream 1.3.2 which incldes fix for CVE-2015-1852 Update to upstream 1.3.1 + S3token incorrect condition expression for ssl_insecure CVE-2015-1852\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-07-20T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=84855", "cvelist": ["CVE-2015-1852"], "lastseen": "2017-10-29T13:40:34"}, {"id": "UBUNTU_USN-2705-1.NASL", "type": "nessus", "title": "Ubuntu 14.04 LTS / 15.04 : python-keystoneclient, python-keystonemiddleware vulnerabilities (USN-2705-1)", "description": "Qin Zhao discovered Keystone disabled certification verification when the 'insecure' option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate. (CVE-2014-7144)\n\nBrant Knudson discovered Keystone disabled certification verification when the 'insecure' option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate. (CVE-2015-1852).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-08-06T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=85253", "cvelist": ["CVE-2015-1852", "CVE-2014-7144"], "lastseen": "2017-10-29T13:42:04"}], "openvas": [{"id": "OPENVAS:1361412562310869782", "type": "openvas", "title": "Fedora Update for python-keystonemiddleware FEDORA-2015-11656", "description": "Check the version of python-keystonemiddleware", "published": "2015-07-19T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869782", "cvelist": ["CVE-2015-1852"], "lastseen": "2017-07-25T10:53:54"}, {"id": "OPENVAS:1361412562310842402", "type": "openvas", "title": "Ubuntu Update for python-keystoneclient USN-2705-1", "description": "Check the version of python-keystoneclient", "published": "2015-08-06T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842402", "cvelist": ["CVE-2015-1852", "CVE-2014-7144"], "lastseen": "2017-12-04T11:24:23"}], "redhat": [{"id": "RHSA-2015:1685", "type": "redhat", "title": "(RHSA-2015:1685) Moderate: python-keystoneclient security update", "description": "Python-keystoneclient is a client library and a command-line utility\nfor interacting with the OpenStack Identity API.\n\nIt was discovered that some items in the S3Token configuration as used by\npython-keystoneclient were incorrectly evaluated as strings, an issue\nsimilar to CVE-2014-7144. If the \"insecure\" option was set to \"false\", the\noption would be evaluated as true, resulting in TLS connections being\nvulnerable to man-in-the-middle attacks. Note: The \"insecure\" option\ndefaults to false, so setups that do not specifically define\n\"insecure=false\" are not affected. (CVE-2015-1852)\n\nRed Hat would like to thank the OpenStack project for reporting this issue.\nUpstream acknowledges Brant Knudson from IBM as the original reporter.\n\nAll python-keystoneclient users are advised to upgrade to these updated\npackages, which contain a backported patch to correct this issue.\n", "published": "2015-08-25T04:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2015:1685", "cvelist": ["CVE-2014-7144", "CVE-2015-1852"], "lastseen": "2018-03-19T21:56:58"}, {"id": "RHSA-2015:1677", "type": "redhat", "title": "(RHSA-2015:1677) Moderate: python-keystoneclient and python-keystonemiddlware security update", "description": "Python-keystonemiddleware (formely python-keystoneclient) is a client library\nand a command line utility for interacting with the OpenStack Identity API.\n\nRed Hat Enterprise OpenStack Platform 6.0 contains and uses both the\npython-keystonemiddleware and python-keystoneclient versions of this\npackage.\n\nIt was discovered that some items in the the S3Token configuration as used\nby python-keystonemiddleware and python-keystoneclient were incorrectly\nevaluated as strings, an issue similar to CVE-2014-7144. This would result\nin a setting for 'insecure=false' to evaluate as true and leave TLS\nconnections open to MITM. (CVE-2015-1852)\n\nRed Hat would like to thank the OpenStack project for reporting this issue.\nUpstream acknowledges Brant Knudson from IBM as the original reporter.\n\nNote: \"insecure\" defaults to false, so setups that do not specifically define\n\"insecure=false\" are unaffected.\n\nAll python-keystoneclient users are advised to upgrade to these updated\npackages, which correct these issues.\n", "published": "2015-08-24T04:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2015:1677", "cvelist": ["CVE-2014-7144", "CVE-2015-1852"], "lastseen": "2018-03-19T21:56:43"}], "ubuntu": [{"id": "USN-2705-1", "type": "ubuntu", "title": "Keystone vulnerabilities", "description": "Qin Zhao discovered Keystone disabled certification verification when the \u201cinsecure\u201d option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate. (CVE-2014-7144)\n\nBrant Knudson discovered Keystone disabled certification verification when the \u201cinsecure\u201d option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate. (CVE-2015-1852)", "published": "2015-08-06T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://usn.ubuntu.com/2705-1/", "cvelist": ["CVE-2015-1852", "CVE-2014-7144"], "lastseen": "2018-03-29T18:17:53"}]}}