Insecurely generated session ID in vpn_ping()
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
OpenStack Compute (nova) | Fix Released | Low | Tony Breeds |
OpenStack Security Advisory | Won't Fix | Undecided | Unassigned |
Bug Description
On this line: https:/
Session IDs which are not generated using a cryptographically suitable random number generation function may be vulnerable to session hijacking attacks if an adversary can predict the session ID.
I'm not familiar enough with the code to be able to assess the impact of this vulnerability, but if it really is unimportant to have non-predictable session IDs, we should explicitly call it out via a comment in the code. If this session ID should be cryptographically unpredictable, it should be a simple fix.
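To make the report's point concrete, here is an added example (not nova's code, and not the fix that shipped) showing the weak generation pattern the report describes beside a CSPRNG-based replacement, together with the reply check that makes unpredictability matter. The packet layout, constants and function names are assumptions chosen for illustration.

```python
import random
import secrets
import struct

# Assumed (hypothetical) negotiation packet layout, not nova's actual one:
# 1-byte message type, 8-byte big-endian session ID, 5 bytes of padding.
PKT_FMT = "!BQxxxxx"
MSG_NEGOTIATE = 0x38
SESSION_ID_MAX = 0xFFFFFFFF


def weak_session_id() -> int:
    # The pattern the report flags: the 'random' module is a deterministic
    # Mersenne Twister whose state can be recovered from observed outputs,
    # so IDs drawn this way should be treated as predictable.
    return random.randint(0, SESSION_ID_MAX)


def secure_session_id() -> int:
    # Hardened form: draw from the OS CSPRNG (secrets wraps SystemRandom,
    # which reads from os.urandom()).
    return secrets.randbelow(SESSION_ID_MAX + 1)


def build_ping(session_id: int) -> bytes:
    # Serialise the negotiation packet carrying our session ID.
    return struct.pack(PKT_FMT, MSG_NEGOTIATE, session_id)


def parse_reply(data: bytes):
    # Return (msg_type, session_id), or None if the reply is malformed.
    if len(data) != struct.calcsize(PKT_FMT):
        return None
    return struct.unpack(PKT_FMT, data)


def reply_matches(sent_id: int, data: bytes) -> bool:
    # Accept a reply only if it echoes the ID we sent. This check is only
    # meaningful when the ID could not have been guessed in advance.
    parsed = parse_reply(data)
    return parsed is not None and parsed[1] == sent_id


def weak_ids_are_reproducible(seed: int = 1234, n: int = 5) -> bool:
    # Demonstrates the defect: two seeded generators yield identical ID
    # sequences, which a CSPRNG-backed source never does.
    a, b = random.Random(seed), random.Random(seed)
    return [a.randint(0, SESSION_ID_MAX) for _ in range(n)] == \
        [b.randint(0, SESSION_ID_MAX) for _ in range(n)]
```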
Changed in nova:
status: New → Confirmed
importance: Undecided → Low
Changed in nova:
assignee: nobody → Tony Breeds (o-tony)
Changed in nova:
milestone: none → kilo-3
status: Fix Committed → Fix Released
description: updated
Changed in nova:
milestone: kilo-3 → 2015.1.0
Since this report concerns a possible security risk, an incomplete security advisory task has been added while the core security reviewers for the affected project or projects confirm the bug and discuss the scope of any vulnerability along with potential solutions.