Openshift-logging: lokistack authorisation is cached too broadly
CVE-2023-4456

5.7MEDIUM

Key Information:

Vendor: Red Hat
Status: Rhol-5.5-rhel-8; Rhol-5.6-rhel-8; Rhol-5.7-rhel-8
Vendor: CVE Published:; 21 August 2023

Summary

A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached.

Affected Version(s)

RHOL-5.5-RHEL-8 v0.1.0-327

RHOL-5.6-RHEL-8 v0.1.0-326

RHOL-5.7-RHEL-8 v0.1.0-325

References

https://access.redhat.com/errata/RHSA-2023:4933

vendor-advisoryx_refsource_REDHAT

https://access.redhat.com/errata/RHSA-2023:5095

vendor-advisoryx_refsource_REDHAT

https://access.redhat.com/errata/RHSA-2023:5096

vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 21, 2023
Vulnerability Reserved
Aug 21, 2023

Credit

This issue was discovered by Robert Jacob (Red Hat).

.