2035793 – (CVE-2021-4180) CVE-2021-4180 openstack-tripleo-heat-templates: data leak of internal URL through keystone_authtoken

Bug 2035793 (CVE-2021-4180) - CVE-2021-4180 openstack-tripleo-heat-templates: data leak of internal URL through keystone_authtoken

Summary: CVE-2021-4180 openstack-tripleo-heat-templates: data leak of internal URL thr...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2021-4180
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2035795 2037439 2037440
Blocks:	2035405 2035796
TreeView+	depends on / blocked

Reported:	2021-12-27 17:43 UTC by Guilherme de Almeida Suckevicz
Modified:	2022-12-07 20:27 UTC (History)
CC List:	12 users (show)
Fixed In Version:	openstack-tripleo-heat-templates 11.6.1
Clone Of:
Environment:
Last Closed:	2022-03-24 01:44:55 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Launchpad	1955397	None	None	None	2022-01-17 15:52:07 UTC
OpenStack gerrit	823611	None	MERGED	Use public endpoint for [keystone_authtoken] www_authenticate_uri	2022-01-17 15:52:07 UTC
Red Hat Product Errata	RHSA-2022:0995	None	None	None	2022-03-23 22:28:24 UTC
Red Hat Product Errata	RHSA-2022:8796	None	None	None	2022-12-07 20:27:40 UTC

Description Guilherme de Almeida Suckevicz 2021-12-27 17:43:49 UTC

According to parameter description, [keystone_authtoken] www_authenticate_uri should be public URL. However TripleO currently uses internal endpoint for this parameter.

References:
https://bugs.launchpad.net/tripleo/+bug/1955397
https://bugzilla.redhat.com/show_bug.cgi?id=2034203

Comment 1 Guilherme de Almeida Suckevicz 2021-12-27 17:45:17 UTC

Created openstack-tripleo-heat-templates tracking bugs for this issue:

Affects: openstack-rdo [bug 2035795]

Comment 3 Nick Tait 2022-01-14 19:09:09 UTC

Fix has been merged to several branches upstream (one is here https://review.opendev.org/c/openstack/tripleo-heat-templates/+/822306). See the launchpad bug page for others.

Comment 4 errata-xmlrpc 2022-03-23 22:28:22 UTC

This issue has been addressed in the following products:

  Red Hat OpenStack Platform 16.2

Via RHSA-2022:0995 https://access.redhat.com/errata/RHSA-2022:0995

Comment 5 Product Security DevOps Team 2022-03-24 01:44:53 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-4180

Comment 6 errata-xmlrpc 2022-12-07 20:27:38 UTC

This issue has been addressed in the following products:

  Red Hat OpenStack Platform 16.1

Via RHSA-2022:8796 https://access.redhat.com/errata/RHSA-2022:8796

Note You need to log in before you can comment on or make changes to this bug.