DescriptionThe keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
|National Vulnerability Database||SUSE|
|Access Vector||Network||Adjacent Network|
Status of this issue by product and package
Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.
|HPE Helion OpenStack 8||python-keystone-json-assignment||Released|
|SUSE OpenStack Cloud 8||python-keystone-json-assignment||Released|
|SUSE OpenStack Cloud Crowbar 8||python-keystone-json-assignment||Released|