GitHub Advisory DatabaseGHSA-22JM-4HXW-35JFOpenStack Nova can leak consoleauth token into log files
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
3.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.8%
An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service’s logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is related to NovaProxyRequestHandlerBase.new_websocket_client in console/websocketproxy.py.
Affected configurations
References
www.openwall.com/lists/oss-security/2020/02/19/2
github.com/advisories/GHSA-22jm-4hxw-35jf
github.com/openstack/nova/commit/08f1f914cc219cf526adfb08c46b8f40b4e78232
github.com/openstack/nova/commit/26d4047e17eba9bc271f8868f1d0ffeec97b555e
github.com/openstack/nova/commit/d8fbf04f325f593836f8d44b6bbf42b85bde94e3
launchpad.net/bugs/1492140
nvd.nist.gov/vuln/detail/CVE-2015-9543
review.opendev.org/220622
security.openstack.org/ossa/OSSA-2020-001.html
Related
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
3.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.8%