Bug 1809855 (CVE-2020-9543)
Field | Value
---|---
Summary: | CVE-2020-9543 openstack-manila: User with share-network UUID is able to show, create and delete shares
Product: | [Other] Security Response
Reporter: | Joshua Padman <jpadman>
Component: | vulnerability
Assignee: | Red Hat Product Security <security-response-team>
Status: | CLOSED ERRATA
Severity: | medium
Priority: | medium
Version: | unspecified
CC: | ccopello, dbecker, gouthamr, jjoyce, jschluet, kbasil, lhh, lpeer, mburns, sclewis, security-response-team, slinaber, slong, tbarron
Target Milestone: | ---
Keywords: | Security
Target Release: | ---
Hardware: | All
OS: | Linux
Fixed In Version: | manila 7.4.1, manila 8.1.1, manila 9.1.1
Doc Type: | If docs needed, set a value
Doc Text: | An access flaw was found in openstack-manila, where the API did not validate the user/project on commands. A malicious user having the UUID of a share-network could view, update, delete, or share resources that did not belong to them. Attackers could also create resources on shared networks (for example, shared file systems or groups of shares).
Story Points: | ---
Last Closed: | 2020-04-06 10:32:15 UTC
Type: | ---
Regression: | ---
Mount Type: | ---
Documentation: | ---
Category: | ---
oVirt Team: | ---
Cloudforms Team: | ---
Bug Depends On: | 1810367, 1810368, 1810369, 1812356, 1814000
Bug Blocks: | 1809857
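The Doc Text describes a missing ownership check: an API handler that fetches a share network by UUID alone, so any caller who knows the UUID can act on it. The following is an added example, not code from the manila project: `RequestContext`, `ShareNetwork`, `Share` and the in-memory `Store` are constructed stand-ins for the service's request context and database layer, and the function names are hypothetical. It places the unscoped lookup next to a project-scoped one and shows why the scoped version refuses cross-tenant create and delete while the owner and an admin keep working.

```python
"""Project-scoped lookups versus UUID-only lookups (added illustration,
not manila code). All classes below are constructed stand-ins."""
from __future__ import annotations

import uuid
from dataclasses import dataclass


class NotFound(Exception):
    """Resource does not exist, or is not visible to the calling project."""


@dataclass(frozen=True)
class RequestContext:
    """Stand-in for the per-request identity an API handler receives."""
    user_id: str
    project_id: str
    is_admin: bool = False


@dataclass
class ShareNetwork:
    id: str
    project_id: str
    name: str


@dataclass
class Share:
    id: str
    project_id: str
    share_network_id: str
    name: str


class Store:
    """Constructed in-memory store standing in for the service database."""

    def __init__(self) -> None:
        self.share_networks: dict[str, ShareNetwork] = {}
        self.shares: dict[str, Share] = {}

    def add_share_network(self, project_id: str, name: str) -> ShareNetwork:
        sn = ShareNetwork(id=str(uuid.uuid4()), project_id=project_id, name=name)
        self.share_networks[sn.id] = sn
        return sn


# --- Flawed pattern: lookup keyed by UUID alone, no owner check -------------

def share_network_get_unscoped(store: Store, share_network_id: str) -> ShareNetwork:
    """Whoever knows the UUID gets the object, regardless of owning project."""
    try:
        return store.share_networks[share_network_id]
    except KeyError:
        raise NotFound(share_network_id) from None


def create_share_unscoped(ctx: RequestContext, store: Store,
                          share_network_id: str, name: str) -> Share:
    sn = share_network_get_unscoped(store, share_network_id)  # no project check
    share = Share(id=str(uuid.uuid4()), project_id=ctx.project_id,
                  share_network_id=sn.id, name=name)
    store.shares[share.id] = share
    return share


# --- Hardened pattern: every lookup is scoped to the caller's project --------

def share_network_get(ctx: RequestContext, store: Store,
                      share_network_id: str) -> ShareNetwork:
    """Return the network only if it exists AND belongs to the caller's project
    (admins may see all). A foreign UUID yields NotFound, not Forbidden, so the
    response does not confirm that a guessed UUID exists."""
    sn = store.share_networks.get(share_network_id)
    if sn is None or (not ctx.is_admin and sn.project_id != ctx.project_id):
        raise NotFound(share_network_id)
    return sn


def create_share(ctx: RequestContext, store: Store,
                 share_network_id: str, name: str) -> Share:
    sn = share_network_get(ctx, store, share_network_id)  # scoped lookup
    share = Share(id=str(uuid.uuid4()), project_id=ctx.project_id,
                  share_network_id=sn.id, name=name)
    store.shares[share.id] = share
    return share


def delete_share(ctx: RequestContext, store: Store, share_id: str) -> None:
    share = store.shares.get(share_id)
    if share is None or (not ctx.is_admin and share.project_id != ctx.project_id):
        raise NotFound(share_id)
    del store.shares[share.id]


def demo() -> dict[str, bool]:
    """Run both patterns against constructed tenants and report the outcomes."""
    store = Store()
    owner = RequestContext(user_id="u-owner", project_id="project-a")
    other = RequestContext(user_id="u-other", project_id="project-b")
    admin = RequestContext(user_id="u-ops", project_id="project-ops", is_admin=True)
    net = store.add_share_network("project-a", "owner-net")  # constructed UUID
    results: dict[str, bool] = {}

    leaked = create_share_unscoped(other, store, net.id, "squatter")
    results["unscoped_cross_tenant_create_succeeds"] = leaked.share_network_id == net.id
    try:
        create_share(other, store, net.id, "squatter")
        results["scoped_cross_tenant_create_refused"] = False
    except NotFound:
        results["scoped_cross_tenant_create_refused"] = True

    own = create_share(owner, store, net.id, "owner-share")
    results["owner_create_succeeds"] = own.project_id == "project-a"
    results["admin_can_read"] = share_network_get(admin, store, net.id) is net
    try:
        delete_share(other, store, own.id)
        results["scoped_cross_tenant_delete_refused"] = False
    except NotFound:
        results["scoped_cross_tenant_delete_refused"] = True
    results["share_still_present"] = own.id in store.shares
    return results
```

The design point is that the project filter belongs in the lookup itself, not in each caller: once `share_network_get` is the only way to fetch a network, every show/create/update/delete path inherits the check, and a caller outside the owning project receives the same NotFound as for a UUID that was never issued.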
Description
Joshua Padman
2020-03-04 03:03:05 UTC
Acknowledgments:

Name: the OpenStack Manila project

Mitigation:

There is no known mitigation for this issue; the flaw can only be resolved by applying updates.

Created attachment 1667633 [details]
Pike patch

Created attachment 1667634 [details]
Queens patch

Created attachment 1667635 [details]
Ussuri patch

Upstream bug: https://bugs.launchpad.net/manila/+bug/1861485

Upstream fixes:
train: https://review.opendev.org/712163
stein: https://review.opendev.org/712164
rocky: https://review.opendev.org/712165
queens: https://review.opendev.org/712166

Created openstack-manila tracking bugs for this issue:

Affects: openstack-rdo [bug 1812356]

References:
https://bugs.launchpad.net/manila/+bug/1861485

External References:
https://security.openstack.org/ossa/OSSA-2020-002.html

This issue has been addressed in the following products:
Red Hat OpenStack Platform 15.0 (Stein)
Via RHSA-2020:1326 https://access.redhat.com/errata/RHSA-2020:1326

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2020-9543

This issue has been addressed in the following products:
Red Hat OpenStack Platform 16.0 (Train)
Via RHSA-2020:2165 https://access.redhat.com/errata/RHSA-2020:2165

This issue has been addressed in the following products:
Red Hat OpenStack Platform 13.0 (Queens)
Red Hat OpenStack Platform 13.0 (Queens) for RHEL 7.6 EUS
Via RHSA-2020:2729 https://access.redhat.com/errata/RHSA-2020:2729