9.8

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-16613

GHSA ID

GHSA-qhq8-xwqv-pvv9

EPSS Score

0.86336%

CWE

CWE-287

Published

5/17/2022

Updated

10/28/2024

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2017-16613

CVE-2017-16613:
OpenStack Swauth object/proxy server writing Auth Token to log file

An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allows attackers to bypass authentication by inserting a token into an X-Auth-Token header of a new request. NOTE: github.com/openstack/swauth URLs do not mean that Swauth is maintained by an official OpenStack project team.

(GitHub Advisory)

9.8

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-16613

GHSA ID

GHSA-qhq8-xwqv-pvv9

EPSS Score

0.86336%

CWE

CWE-287

Published

5/17/2022

Updated

10/28/2024

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
swauth	pip	< 1.3.0	1.3.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from Swauth middleware using raw authentication tokens as part of object names in Swift paths. These paths are logged by Swift's proxy/object servers. The pre-patch code in middleware.py directly embedded tokens in paths via string formatting (e.g., '/v1/%s/.token_%s/%s' % (auth_account, token[-1], token)). The commit 70af798 introduced _get_concealed_token() to hash tokens before path construction, explicitly fixing these four functions where raw tokens were used. The functions' direct involvement in token path creation and the explicit patch modifications confirm their vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n issu* w*s *is*ov*r** in mi**l*w*r*.py in Op*nSt**k Sw*ut* t*rou** *.*.* w**n us** wit* Op*nSt**k Swi*t t*rou** *.**.*. T** Swi*t o*j**t stor* *n* proxy s*rv*r *r* s*vin* (un**s***) tok*ns r*tri*v** *rom t** Sw*ut* mi**l*w*r* *ut**nti**tion m****ni

Reasoning

T** vuln*r**ility st*ms *rom Sw*ut* mi**l*w*r* usin* r*w *ut**nti**tion tok*ns *s p*rt o* o*j**t n*m*s in Swi*t p*t*s. T**s* p*t*s *r* lo**** *y Swi*t's proxy/o*j**t s*rv*rs. T** pr*-p*t** *o** in mi**l*w*r*.py *ir**tly *m****** tok*ns in p*t*s vi* s

9.8

Basic Information

Concerned about an active attack path?

CVE-2017-16613: OpenStack Swauth object/proxy server writing Auth Token to log file

9.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2017-16613:
OpenStack Swauth object/proxy server writing Auth Token to log file

Vulnerability Intelligence
Miggo AI