2021-05-07 04:54:53 |
Swe W Aung |
bug |
|
|
added bug |
2021-05-07 05:17:46 |
Swe W Aung |
bug |
|
|
added subscriber Sam Morrison |
2021-05-07 05:27:21 |
Swe W Aung |
bug |
|
|
added subscriber Jake Yip |
2021-05-07 14:06:13 |
Jeremy Stanley |
description |
This bug report is related to Security.
Currently novnc is allowing open redirection, which could potentially be used for phishing attempts.
To test:
https://<sites' vnc domain>//example.com/%2F..
include .. at the end
For example:
http://vncproxy.my.domain.com//example.com/%2F..
It will redirect to example.com. You can replace example.com with some legitimate domain or spoofed domain.
The description of the risk is
By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Because the server name in the modified link is identical to the original site, phishing attempts may have a more trustworthy appearance. |
This issue is being treated as a potential security risk under
embargo. Please do not make any public mention of embargoed
(private) security vulnerabilities before their coordinated
publication by the OpenStack Vulnerability Management Team in the
form of an official OpenStack Security Advisory. This includes
discussion of the bug or associated fixes in public forums such as
mailing lists, code review systems and bug trackers. Please also
avoid private disclosure to other individuals not already approved
for access to this information, and provide this same reminder to
those who are made aware of the issue prior to publication. All
discussion should remain confined to this private bug report, and
any proposed fixes should be added to the bug as attachments. This
embargo shall not extend past 2021-08-05 and will be made
public by or on that date even if no fix is identified.
This bug report is related to Security.
Currently novnc is allowing open redirection, which could potentially be used for phishing attempts.
To test:
https://<sites' vnc domain>//example.com/%2F..
include .. at the end
For example:
http://vncproxy.my.domain.com//example.com/%2F..
It will redirect to example.com. You can replace example.com with some legitimate domain or spoofed domain.
The description of the risk is
By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Because the server name in the modified link is identical to the original site, phishing attempts may have a more trustworthy appearance. |
|
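The redirect described in the report, worked through as an added example. This is not nova's or noVNC's code and not the attached patch; it models the directory redirect that Python's http.server handlers perform (a request for an existing directory without a trailing slash gets a 301 to the same path plus "/"), which is the behaviour the linked Python issues concern. DOC_ROOT, the EXISTING_DIRS set and the hardened variant (rejecting paths that begin with "//" and building Location from the path component only) are my own assumptions for illustration; vncproxy.my.domain.com and the test URL come from the report.

```python
"""Model of the noVNC-proxy open redirect (CVE-2021-3654 pattern).

Constructed example, not nova's or noVNC's code. The request path
"//example.com/%2F.." normalizes to the document root (a directory),
so the handler answers 301 with Location "//example.com/%2F../", which
browsers treat as a scheme-relative URL and follow to example.com.
"""
import posixpath
from typing import Optional, Tuple
from urllib.parse import unquote, urljoin, urlsplit, urlunsplit

DOC_ROOT = "/srv/novnc"                       # assumed; nothing is read from disk
EXISTING_DIRS = {DOC_ROOT, DOC_ROOT + "/app"}  # assumed on-disk directories
OUR_HOST = "vncproxy.my.domain.com"           # the proxy host from the report


def normalize_to_local(request_path: str) -> str:
    """Map a URL path onto DOC_ROOT the way translate_path-style code does.

    '//example.com/%2F..' -> unquote -> '//example.com//..'
    -> posixpath.normpath -> '//' -> no path components -> DOC_ROOT.
    Without the trailing '..' the path would be DOC_ROOT/example.com,
    which does not exist, so the request would 404 instead of redirecting.
    """
    path = request_path.split("?", 1)[0].split("#", 1)[0]
    path = posixpath.normpath(unquote(path))
    parts = [p for p in path.split("/") if p and p not in (".", "..")]
    return posixpath.join(DOC_ROOT, *parts) if parts else DOC_ROOT


def vulnerable_response(request_path: str) -> Tuple[int, Optional[str]]:
    """(status, Location) a naive directory-redirecting handler would send."""
    if normalize_to_local(request_path) not in EXISTING_DIRS:
        return 404, None
    parts = urlsplit(request_path)  # '//example.com/...' parses as netloc!
    if parts.path.endswith("/"):
        return 200, None            # serve the directory, no redirect
    location = urlunsplit((parts.scheme, parts.netloc, parts.path + "/",
                           parts.query, ""))
    return 301, location


def hardened_response(request_path: str) -> Tuple[int, Optional[str]]:
    """Same logic with two mitigations (my own, labelled as assumptions).

    1. Refuse paths starting with '//' outright: a client never needs them.
    2. Build Location from the path component only, so the header can
       never carry a scheme or host even if check 1 is bypassed.
    """
    if request_path.startswith("//"):
        return 400, None
    if normalize_to_local(request_path) not in EXISTING_DIRS:
        return 404, None
    parts = urlsplit(request_path)
    if parts.path.endswith("/"):
        return 200, None
    return 301, urlunsplit(("", "", parts.path + "/", parts.query, ""))


def is_offsite(location: str, our_host: str = OUR_HOST) -> bool:
    """Resolve Location as a browser would and report if it leaves our host."""
    target = urlsplit(urljoin("https://%s/" % our_host, location))
    return target.netloc.lower() != our_host.lower()


if __name__ == "__main__":
    for path in ("//example.com/%2F..", "//example.com", "/app", "/"):
        print(path, vulnerable_response(path), hardened_response(path))
```

Running the block prints the vulnerable and hardened answers side by side: the report's URL yields a 301 to "//example.com/%2F../" in the first and a 400 in the second, while an ordinary directory request such as "/app" still gets its same-host "/app/" redirect from both.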
2021-05-07 14:06:27 |
Jeremy Stanley |
bug task added |
|
ossa |
|
2021-05-07 14:06:39 |
Jeremy Stanley |
ossa: status |
New |
Incomplete |
|
2021-05-07 14:07:20 |
Jeremy Stanley |
bug |
|
|
added subscriber Nova Core security contacts |
2021-05-10 00:16:59 |
Swe W Aung |
bug |
|
|
added subscriber Shahaan Ayyub |
2021-05-11 16:02:18 |
Dan Smith |
bug |
|
|
added subscriber melanie witt |
2021-05-11 18:47:20 |
melanie witt |
bug watch added |
|
https://github.com/novnc/noVNC/issues/748 |
|
2021-05-12 22:47:25 |
melanie witt |
bug watch added |
|
http://bugs.python.org/issue32084 |
|
2021-05-12 22:47:25 |
melanie witt |
attachment added |
|
lp1927677.patch https://bugs.launchpad.net/nova/+bug/1927677/+attachment/5496768/+files/lp1927677.patch |
|
2021-05-13 13:34:21 |
Jeremy Stanley |
description |
This issue is being treated as a potential security risk under
embargo. Please do not make any public mention of embargoed
(private) security vulnerabilities before their coordinated
publication by the OpenStack Vulnerability Management Team in the
form of an official OpenStack Security Advisory. This includes
discussion of the bug or associated fixes in public forums such as
mailing lists, code review systems and bug trackers. Please also
avoid private disclosure to other individuals not already approved
for access to this information, and provide this same reminder to
those who are made aware of the issue prior to publication. All
discussion should remain confined to this private bug report, and
any proposed fixes should be added to the bug as attachments. This
embargo shall not extend past 2021-08-05 and will be made
public by or on that date even if no fix is identified.
This bug report is related to Security.
Currently novnc is allowing open redirection, which could potentially be used for phishing attempts.
To test:
https://<sites' vnc domain>//example.com/%2F..
include .. at the end
For example:
http://vncproxy.my.domain.com//example.com/%2F..
It will redirect to example.com. You can replace example.com with some legitimate domain or spoofed domain.
The description of the risk is
By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Because the server name in the modified link is identical to the original site, phishing attempts may have a more trustworthy appearance. |
This bug report is related to Security.
Currently novnc is allowing open redirection, which could potentially be used for phishing attempts.
To test:
https://<sites' vnc domain>//example.com/%2F..
include .. at the end
For example:
http://vncproxy.my.domain.com//example.com/%2F..
It will redirect to example.com. You can replace example.com with some legitimate domain or spoofed domain.
The description of the risk is
By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Because the server name in the modified link is identical to the original site, phishing attempts may have a more trustworthy appearance. |
|
2021-05-13 13:34:29 |
Jeremy Stanley |
information type |
Private Security |
Public |
|
2021-05-13 13:34:37 |
Jeremy Stanley |
information type |
Public |
Public Security |
|
2021-05-13 18:01:03 |
OpenStack Infra |
nova: status |
New |
In Progress |
|
2021-05-13 18:11:47 |
melanie witt |
tags |
novnc |
console novnc |
|
2021-05-14 14:48:32 |
melanie witt |
nominated for series |
|
nova/train |
|
2021-05-14 14:48:32 |
melanie witt |
bug task added |
|
nova/train |
|
2021-05-14 14:48:32 |
melanie witt |
nominated for series |
|
nova/ussuri |
|
2021-05-14 14:48:32 |
melanie witt |
bug task added |
|
nova/ussuri |
|
2021-05-14 14:48:32 |
melanie witt |
nominated for series |
|
nova/wallaby |
|
2021-05-14 14:48:32 |
melanie witt |
bug task added |
|
nova/wallaby |
|
2021-05-14 14:48:32 |
melanie witt |
nominated for series |
|
nova/victoria |
|
2021-05-14 14:48:32 |
melanie witt |
bug task added |
|
nova/victoria |
|
2021-05-15 06:16:55 |
OpenStack Infra |
nova: status |
In Progress |
Fix Released |
|
2021-05-15 07:18:39 |
OpenStack Infra |
nova/wallaby: status |
New |
In Progress |
|
2021-05-17 17:06:35 |
OpenStack Infra |
nova/victoria: status |
New |
In Progress |
|
2021-05-17 17:09:45 |
OpenStack Infra |
nova/ussuri: status |
New |
In Progress |
|
2021-05-17 17:14:50 |
OpenStack Infra |
nova/train: status |
New |
In Progress |
|
2021-06-19 18:48:15 |
OpenStack Infra |
nova/wallaby: status |
In Progress |
Fix Committed |
|
2021-07-09 19:48:13 |
melanie witt |
bug watch added |
|
http://bugs.python.org/issue43223 |
|
2021-07-12 01:11:45 |
Joshua Padman |
bug |
|
|
added subscriber Joshua Padman |
2021-07-16 09:47:34 |
Elod Illes |
nova/wallaby: status |
Fix Committed |
Fix Released |
|
2021-07-26 17:51:03 |
OpenStack Infra |
nova/victoria: status |
In Progress |
Fix Committed |
|
2021-07-27 15:17:06 |
OpenStack Infra |
nova/ussuri: status |
In Progress |
Fix Committed |
|
2021-07-27 16:39:08 |
Jeremy Stanley |
ossa: status |
Incomplete |
In Progress |
|
2021-07-27 16:39:15 |
Jeremy Stanley |
ossa: importance |
Undecided |
Medium |
|
2021-07-27 16:39:22 |
Jeremy Stanley |
ossa: assignee |
|
Jeremy Stanley (fungi) |
|
2021-07-27 23:51:22 |
Nick Tait |
cve linked |
|
2021-3654 |
|
2021-07-28 13:05:59 |
Jeremy Stanley |
summary |
novnc allowing open direction which could potentially be used for phishing |
Open Redirect in noVNC proxy (CVE-2021-3654) |
|
2021-07-28 13:06:53 |
Jeremy Stanley |
ossa: status |
In Progress |
Fix Committed |
|
2021-07-29 17:06:43 |
OpenStack Infra |
ossa: status |
Fix Committed |
Fix Released |
|
2021-07-29 17:24:37 |
Jeremy Stanley |
summary |
Open Redirect in noVNC proxy (CVE-2021-3654) |
[OSSA-2021-002]Open Redirect in noVNC proxy (CVE-2021-3654) |
|
2021-07-29 17:24:52 |
Jeremy Stanley |
summary |
[OSSA-2021-002]Open Redirect in noVNC proxy (CVE-2021-3654) |
[OSSA-2021-002] Open Redirect in noVNC proxy (CVE-2021-3654) |
|
2021-07-29 22:34:46 |
melanie witt |
nominated for series |
|
nova/stein |
|
2021-07-29 22:34:46 |
melanie witt |
bug task added |
|
nova/stein |
|
2021-07-29 23:01:17 |
OpenStack Infra |
nova/stein: status |
New |
In Progress |
|
2021-08-23 09:56:03 |
Matteo Pozza |
attachment added |
|
python2.patch https://bugs.launchpad.net/nova/+bug/1927677/+attachment/5519968/+files/python2.patch |
|
2021-08-23 09:56:45 |
Matteo Pozza |
attachment added |
|
python3.patch https://bugs.launchpad.net/nova/+bug/1927677/+attachment/5519969/+files/python3.patch |
|
2021-08-23 10:56:53 |
Matteo Pozza |
bug |
|
|
added subscriber Matteo Pozza |
2021-08-24 07:23:41 |
Balazs Gibizer |
nova: status |
Fix Released |
In Progress |
|
2021-08-24 07:23:51 |
Balazs Gibizer |
nova/wallaby: status |
Fix Released |
Confirmed |
|
2021-08-24 07:23:59 |
Balazs Gibizer |
nova/ussuri: status |
Fix Committed |
Confirmed |
|
2021-08-24 07:24:09 |
Balazs Gibizer |
nova/train: status |
In Progress |
Confirmed |
|
2021-08-24 07:24:12 |
Balazs Gibizer |
nova/stein: status |
In Progress |
Confirmed |
|
2021-08-24 07:24:22 |
Balazs Gibizer |
nova/victoria: status |
Fix Committed |
Confirmed |
|
2021-08-24 08:50:49 |
OpenStack Infra |
nova: status |
In Progress |
Fix Released |
|
2021-08-24 12:12:03 |
Jeremy Stanley |
ossa: status |
Fix Released |
Incomplete |
|
2021-08-24 12:12:10 |
Jeremy Stanley |
ossa: importance |
Medium |
Undecided |
|
2021-08-24 12:12:19 |
Jeremy Stanley |
ossa: assignee |
Jeremy Stanley (fungi) |
|
|
2021-08-24 13:46:02 |
OpenStack Infra |
nova/wallaby: status |
Confirmed |
In Progress |
|
2021-08-28 09:56:09 |
OpenStack Infra |
nova/wallaby: status |
In Progress |
Fix Committed |
|
2021-08-30 17:38:06 |
OpenStack Infra |
nova/victoria: status |
Confirmed |
In Progress |
|
2021-08-30 17:56:43 |
OpenStack Infra |
nova/ussuri: status |
Confirmed |
In Progress |
|
2021-08-30 18:04:00 |
OpenStack Infra |
nova/train: status |
Confirmed |
In Progress |
|
2021-08-31 10:55:09 |
OpenStack Infra |
tags |
console novnc |
console in-stable-wallaby novnc |
|
2021-09-01 15:04:12 |
OpenStack Infra |
tags |
console in-stable-wallaby novnc |
console in-stable-victoria in-stable-wallaby novnc |
|
2021-09-14 18:22:53 |
OpenStack Infra |
tags |
console in-stable-victoria in-stable-wallaby novnc |
console in-stable-ussuri in-stable-victoria in-stable-wallaby novnc |
|
2021-09-16 00:21:03 |
OpenStack Infra |
nova/victoria: status |
In Progress |
Fix Committed |
|
2021-09-26 16:05:35 |
OpenStack Infra |
nova/ussuri: status |
In Progress |
Fix Committed |
|
2021-09-27 15:02:57 |
OpenStack Infra |
ossa: status |
Incomplete |
In Progress |
|
2021-09-27 16:42:47 |
OpenStack Infra |
ossa: status |
In Progress |
Fix Released |
|
2021-10-07 17:05:36 |
Elod Illes |
nova/wallaby: status |
Fix Committed |
Fix Released |
|
2021-10-07 17:11:21 |
Elod Illes |
nova/victoria: status |
Fix Committed |
Fix Released |
|
2021-10-07 17:16:20 |
Elod Illes |
nova/ussuri: status |
Fix Committed |
Fix Released |
|
2021-10-28 23:41:54 |
OpenStack Infra |
nova/train: status |
In Progress |
Fix Committed |
|
2021-11-08 15:21:22 |
OpenStack Infra |
nova/stein: status |
Confirmed |
In Progress |
|
2022-12-20 16:25:16 |
OpenStack Infra |
tags |
console in-stable-ussuri in-stable-victoria in-stable-wallaby novnc |
console in-stable-ussuri in-stable-victoria in-stable-wallaby in-stable-yoga novnc |
|
2023-01-10 14:04:17 |
OpenStack Infra |
tags |
console in-stable-ussuri in-stable-victoria in-stable-wallaby in-stable-yoga novnc |
console in-stable-ussuri in-stable-victoria in-stable-wallaby in-stable-xena in-stable-yoga novnc |
|
2023-01-11 13:16:15 |
OpenStack Infra |
tags |
console in-stable-ussuri in-stable-victoria in-stable-wallaby in-stable-xena in-stable-yoga novnc |
console in-stable-train in-stable-ussuri in-stable-victoria in-stable-wallaby in-stable-xena in-stable-yoga novnc |
|
2023-08-31 13:43:57 |
OpenStack Infra |
nova/train: status |
Fix Committed |
Fix Released |
|