10 matches found

Tenable Nessus
added 2026/02/04 12:00 a.m., 4 views

Ubuntu 24.04 LTS / 25.10 : Keystone Middleware vulnerability (USN-8008-1)

The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by a vulnerability as referenced in the USN-8008-1 advisory. Grzegorz Grasza discovered that the Keystone Middleware incorrectly sanitized authentication headers before processing OAuth 2.0 tokens. An attacker could...

CVSS 9.9, AI score 5.7, EPSS 0.00167
Exploits 0, References 2

Ubuntu
added 2026/02/03 1:06 p.m., 1 views

USN-8008-1: Keystone Middleware vulnerability

Grzegorz Grasza discovered that the Keystone Middleware incorrectly sanitized authentication headers before processing OAuth 2.0 tokens. An attacker could possibly use this issue to escalate privileges or impersonate other users...

CVSS 9.9, AI score 5.4, EPSS 0.00167
Exploits 0

CNNVD
added 2026/01/19 12:00 a.m., 1 views

OpenStack Keystone Middleware security vulnerabilities

OpenStack Keystone Middleware is a core authentication component of the OpenStack open-source project. Vulnerabilities exist in versions of OpenStack Keystone Middleware prior to 10.7.2, 10.9.1, and 10.12.1. These vulnerabilities stem from unsanitized authentication headers, which may lead to...

CVSS 9.9, AI score 5.8, EPSS 0.00167
Exploits 0, References 6

Github Security Blog
added 2022/05/17 4:44 a.m., 28 views

OpenStack Nova uses insecure keystone middleware tmpdir by default

keystone/middleware/authtoken.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova...

CVSS 2.1, AI score 6.6, EPSS 0.00035
Exploits 0, References 12, Affected Software 1

Veracode
added 2019/01/15 8:55 a.m., 21 views

Authorization Bypass

python-keystoneclient is vulnerable to authorization bypass. An attacker with direct write access to the memcache backend is able to insert malicious data and bypass the encryption to tamper with the encrypted data or modify data in memcached. Only setups that use memcache caching in the Keystone...

CVSS 9.8, AI score 9.2, EPSS 0.00087
Exploits 1, References 13, Affected Software 1

RedHat Linux
added 2015/08/24 8:17 p.m., 1 views

keystonemiddleware/keystoneclient: S3Token TLS cert verification option not honored

It was discovered that some items in the S3Token paste configuration as used by python-keystonemiddleware (formerly python-keystoneclient) were incorrectly evaluated as strings, an issue similar to CVE-2014-7144. If the "insecure" option were set to "false", the option would be evaluated as true,...

CVSS 4.3, AI score 5.8, EPSS 0.00643
Exploits 0, References 4

PyPA
added 2015/04/17 5:59 p.m., 4 views

PYSEC-2015-30

The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certificate verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...

CVSS 4.3, AI score 7, EPSS 0.00643
Exploits 0, References 7, Affected Software 1

OSV
added 2014/10/02 2:55 p.m., 1 views

DEBIAN-CVE-2014-7144

OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certificate verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct man-in-the-middle...

CVSS 4.3, AI score 6.8, EPSS 0.00643
Exploits 0, References 1

Tenable Nessus
added 2014/06/13 12:00 a.m., 21 views

openSUSE Security Update : openstack-nova (openSUSE-SU-2013:1087-1)

This update of openstack-nova fixes a security vulnerability. - Add CVE-2013-2030.patch: fix insecure keystone middleware tmpdir by default (CVE-2013-2030, bnc819349). - Use explicit keystone-signing dir to work around lp1181157. The descriptive...

CVSS 2.1, AI score 5.3, EPSS 0.00035
Exploits 0, References 3

RedHat Linux
added 2014/04/17 1:41 a.m., 1 views

python-keystoneclient: Potential context confusion in Keystone middleware

The authtoken middleware in the OpenStack Python client library for Keystone (aka python-keystoneclient) before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large number of requests, relat...

CVSS 6, AI score 5.8, EPSS 0.00455
Exploits 0, References 4