CVE-2015-7546
Summary
| CVE | CVE-2015-7546 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-02-03 18:59:04 UTC |
| Updated | 2026-05-06 22:30:45 UTC |
| Description | The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers, which allows remote authenticated users to bypass intended access restrictions and gain access to cloud resources by manipulating byte fields within a revoked token. |
Risk And Classification
Primary CVSS: v3.1 7.5 HIGH from [email protected]
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Problem Types: CWE-522 | n/a
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 2.0 | [email protected] | Primary | 6 | AV:N/AC:M/Au:S/C:P/I:P/A:P |
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
HighPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
SingleConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:M/Au:S/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Openstack | Keystone | All | All | All | All |
| Application | Openstack | Keystone | All | All | All | All |
| Application | Openstack | Keystonemiddleware | All | All | All | All |
| Application | Openstack | Keystonemiddleware | All | All | All | All |
| Operating System | Oracle | Solaris | 11.3 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| OSSA-2016-005: Potential reuse of revoked Identity tokens — OpenStack Security Advisories 2014.2.0.dev100 documentation | af854a3a-2127-422b-91ae-364da2661108 | security.openstack.org | Patch, Vendor Advisory |
| OpenStack Keystone PKI Token Revocation CVE-2015-7546 Security Bypass Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| OSSN/OSSN-0062 - OpenStack | af854a3a-2127-422b-91ae-364da2661108 | wiki.openstack.org | Vendor Advisory |
| Bug #1490804 “[OSSA 2016-005] PKI Token Revocation Bypass (CVE-2...” : Bugs : OpenStack Identity (keystone) | af854a3a-2127-422b-91ae-364da2661108 | bugs.launchpad.net | Issue Tracking, Third Party Advisory |
| Oracle Solaris Bulletin - April 2016 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.