CVE-2017-16613

EUVD-2017-0133
An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allows attackers to bypass authentication by inserting a token into an X-Auth-Token header of a new request. NOTE: github.com/openstack/swauth URLs do not mean that Swauth is maintained by an official OpenStack project team.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
Affected Products (NVD)
VendorProductVersion
openstackswauth
𝑥
≤ 1.2.0
openstackswift
𝑥
≤ 2.15.1
debiandebian_linux
9.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
swauth
artful
ignored
bionic
not-affected
cosmic
not-affected
disco
not-affected
eoan
dne
focal
dne
groovy
dne
hirsute
dne
impish
dne
jammy
dne
mantic
dne
noble
dne
trusty
dne
xenial
needed
zesty
Fixed 1.2.0-2+deb9u1ubuntu0.17.04.1
released
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/101926
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882314
https://bugs.launchpad.net/swift/+bug/1655781
https://github.com/openstack/swauth/commit/70af7986265a3defea054c46efc82d0698917298
https://www.debian.org/security/2017/dsa-4044
http://www.securityfocus.com/bid/101926
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882314
https://bugs.launchpad.net/swift/+bug/1655781
https://github.com/openstack/swauth/commit/70af7986265a3defea054c46efc82d0698917298
https://www.debian.org/security/2017/dsa-4044