Miggo Logo

CVE-2020-9543: OpenStack Manila Unprivileged users can retrieve, use and manipulate share networks

8.3

CVSS Score
3.1

Basic Information

EPSS Score
0.54749%
Published
5/24/2022
Updated
9/30/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Package NameEcosystemVulnerable VersionsFirst Patched Version
manilapip< 7.4.17.4.1
manilapip>= 8.0.0, < 8.1.18.1.1
manilapip>= 9.0.0, < 9.1.19.1.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from missing project isolation in share network database queries. The commit diff shows the critical addition of 'project_only=True' to the model_query in _network_get_query. This parameter enforces tenant isolation in OpenStack's policy framework. Prior to the fix, the absence of this check allowed context-free UUID lookups across projects. The tests (test_api.py) were also modified to use elevated contexts for cross-project operations, confirming the default API behavior lacked proper scoping.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Op*nSt**k M*nil* <*.*.*, >=*.*.* <*.*.*, *n* >=*.*.* <*.*.* *llows *tt**k*rs to vi*w, up**t*, **l*t*, or s**r* r*sour**s t**t *o not **lon* to t**m, ****us* o* * *ont*xt-*r** lookup o* * UUI*. *tt**k*rs m*y *lso *r**t* r*sour**s, su** *s s**r** *il*

Reasoning

T** vuln*r**ility st*mm** *rom missin* proj**t isol*tion in s**r* n*twork **t***s* qu*ri*s. T** *ommit *i** s*ows t** *riti**l ***ition o* 'proj**t_only=Tru*' to t** mo**l_qu*ry in _n*twork_**t_qu*ry. T*is p*r*m*t*r *n*or**s t*n*nt isol*tion in Op*nS