CVE-2017-16613
First published: Tue Nov 21 2017(Updated: )
An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allows attackers to bypass authentication by inserting a token into an X-Auth-Token header of a new request. NOTE: github.com/openstack/swauth URLs do not mean that Swauth is maintained by an official OpenStack project team.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenStack Swauth | <=1.2.0 | |
| OpenStack Swift | <=2.15.1 | |
| Debian Debian Linux | =9.0 | |
| pip/swauth | <1.3.0 | 1.3.0 |
| debian/swauth | <=1.2.0-1<=1.2.0-3 | 1.2.0-4 1.2.0-2+deb9u1 |
| debian/swauth |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/101926
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882314
- https://bugs.launchpad.net/swift/+bug/1655781
- https://github.com/openstack/swauth/commit/70af7986265a3defea054c46efc82d0698917298
- https://www.debian.org/security/2017/dsa-4044
- https://security-tracker.debian.org/tracker/CVE-2017-16613
- http://127.0.0.1:8080/auth/v1.0
- http://127.0.0.1:8080/v1/AUTH_.auth/.token_0/AUTH_tkc9ccde1d34c44c82ac1d260ddbd18df0
- http://127.0.0.1:8080/v1/AUTH_d7f474ad-bfd1-47d4-a41c-8c727b3b5254?format=json
- https://github.com/openstack/swauth
- https://anonscm.debian.org/cgit/openstack/services/swauth.git/commit/?id=9ec605f
- https://nvd.nist.gov/vuln/detail/CVE-2017-16613
- https://web.archive.org/web/20200227140059/http://www.securityfocus.com/bid/101926
- https://github.com/advisories/GHSA-qhq8-xwqv-pvv9 (Advisory)
- https://github.com/pypa/advisory-database/tree/main/vulns/swauth/PYSEC-2017-84.yaml
Frequently Asked Questions
What is the severity of CVE-2017-16613?
The severity of CVE-2017-16613 is 9.8 (Critical).
What is the affected software?
The affected software includes OpenStack Swauth versions up to 1.3.0-2 and OpenStack Swift versions up to 2.15.1.
How does CVE-2017-16613 affect OpenStack Swauth?
CVE-2017-16613 allows unhashed tokens retrieved from the Swauth middleware authentication mechanism to be saved to a log file as part of a GET URI.
How can I fix CVE-2017-16613?
To fix CVE-2017-16613, update OpenStack Swauth to version 1.3.0-2 or later.
Is there any additional information about CVE-2017-16613?
Additional information about CVE-2017-16613 can be found at the following references: [1](https://bugs.launchpad.net/swift/+bug/1655781), [2](https://security-tracker.debian.org/tracker/CVE-2017-16613), [3](http://127.0.0.1:8080/auth/v1.0)
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/severity
- agent/remedy
- agent/references
- agent/weakness
- agent/description
- collector/debian-bugs
- source/Debian
- alias/CVE-2017-16613
- agent/software-canonical-lookup
- collector/nvd-cve
- source/NVD
- agent/author
- collector/github-advisory
- source/GitHub
- alias/GHSA-qhq8-xwqv-pvv9
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/tags
- collector/security-tracker-debian
- agent/softwarecombine
- collector/github-advisory-latest
- vendor/openstack
- canonical/openstack swauth
- version/openstack swauth/1.2.0
- canonical/openstack swift
- version/openstack swift/2.15.1
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0
- package-manager/debian
- package-manager/pip