1510015 – (CVE-2017-15114) CVE-2017-15114 rhosp-director: Passwordless access for non-libvirt related services when using shared certificate authority

Bug 1510015 (CVE-2017-15114) - CVE-2017-15114 rhosp-director: Passwordless access for non-libvirt related services when using shared certificate authority

Summary: CVE-2017-15114 rhosp-director: Passwordless access for non-libvirt related se...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2017-15114
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1510216
Blocks:	1510020
TreeView+	depends on / blocked

Reported:	2017-11-06 14:43 UTC by Adam Mariš
Modified:	2021-02-17 01:17 UTC (History)
CC List:	27 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2017-12-07 05:12:00 UTC
Embargoed:

Attachments	(Terms of Use)

Description Adam Mariš 2017-11-06 14:43:28 UTC

It was found that if OSP-D is configured with TLS authentication for libvirtd and is using the same certificate authority for non-libvirt related services as well, these services are able to connect to libvirtd as root without any password.

Comment 1 Adam Mariš 2017-11-06 14:43:32 UTC

Acknowledgments:

Name: Daniel P. Berrange (Red Hat)

Comment 7 Joshua Padman 2017-11-14 10:36:04 UTC

Removed embargo as the patches were made public upstream.
https://review.openstack.org/#/c/519015/

Comment 11 Joshua Padman 2017-12-07 05:13:14 UTC

External References:

https://bugs.launchpad.net/tripleo/+bug/1730370

Note You need to log in before you can comment on or make changes to this bug.

apevec
athomas
berrange
chrisw
dbecker
emilien
gmollett
jjoyce
josorior
jpadman
jschluet
kbasil
lhh
lpeer
lyarwood
markmc
mburns
morazi
owalsh
rbryant
rhel-osp-director-maint
sclewis
security-response-team
sgordon
shardy
slinaber
tdecacqu