{"id":"CVE-2020-12690","details":"An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access.","aliases":["GHSA-6m8p-x4qw-gh5j","PYSEC-2020-54"],"modified":"2026-04-02T02:11:15.608905Z","published":"2020-05-07T00:15:10.923Z","references":[{"type":"WEB","url":"https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2%40%3Ccommits.druid.apache.org%3E"},{"type":"WEB","url":"https://usn.ubuntu.com/4480-1/"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2020/05/07/3"},{"type":"ADVISORY","url":"https://security.openstack.org/ossa/OSSA-2020-005.html"},{"type":"ADVISORY","url":"https://www.openwall.com/lists/oss-security/2020/05/06/6"},{"type":"FIX","url":"https://bugs.launchpad.net/keystone/+bug/1873290"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openstack/keystone","events":[{"introduced":"0"},{"fixed":"95b2bbeab113d9f04d1c81f7f1b48bf692bce979"},{"introduced":"0"},{"last_affected":"dc9e9e32dfbf9fd9c58f9f8e2b35f0bcfd62328e"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"15.0.1"},{"introduced":"0"},{"last_affected":"16.0.0"}]}}],"versions":["10.0.0","10.0.0.0b1","10.0.0.0b2","10.0.0.0b3","10.0.0.0rc1","10.0.0.0rc2","10.0.0.0rc3","10.0.1","10.0.2","10.0.3","11.0.0","11.0.0.0b1","11.0.0.0b2","11.0.0.0b3","11.0.0.0rc1","11.0.1","11.0.2","11.0.3","11.0.4","12.0.0","12.0.0.0b1","12.0.0.0b2","12.0.0.0b3","12.0.0.0rc1","12.0.0.0rc2","12.0.1","12.0.2","12.0.3","13.0.0","13.0.0.0b1","13.0.0.0b2","13.0.0.0b3","13.0.0.0rc1","13.0.0.0rc2","13.0.1","13.0.2","13.0.3","13.0.4","14.0.0","14.0.0.0b1","14.0.0.0b2","14.0.0.0b3","14.0.0.0rc1","14.0.0.0rc2","14.0.1","14.1.0","14.2.0","15.0.0","15.0.0.0rc1","15.0.0.0rc2","16.0.0","16.0.0.0rc1","16.0.0.0rc2","17.0.0","17.0.0.0rc1","17.0.0.0rc2","17.0.1","18.0.0","18.0.0.0rc1","18.1.0","19.0.0","19.0.0.0rc1","19.0.0.0rc2","19.0.1","20.0.0","20.0.0.0rc1","20.0.1","2011.3","2011.3.1","2012.1","2012.1.1","2012.1.2","2012.1.3","2012.2","2012.2.1","2012.2.3","2012.2.4","2013.1","2013.1.1","2013.1.2","2013.1.3","2013.1.4","2013.1.5","2013.1.g3","2013.1.rc1","2013.1.rc2","2013.1.rc3","2013.2","2013.2.1","2013.2.2","2013.2.3","2013.2.4","2013.2.b1","2013.2.b2","2013.2.b3","2013.2.rc1","2013.2.rc2","2013.2.rc3","2013.2.rc4","2014.1","2014.1.1","2014.1.2","2014.1.2.1","2014.1.3","2014.1.4","2014.1.5","2014.1.b1","2014.1.b2","2014.1.b3","2014.1.rc1","2014.1.rc2","2014.2","2014.2.1","2014.2.2","2014.2.3","2014.2.4","2014.2.b1","2014.2.b2","2014.2.b3","2014.2.rc1","2014.2.rc2","2015.1.0","2015.1.0b1","2015.1.0b2","2015.1.0b3","2015.1.0rc1","2015.1.0rc2","2015.1.1","2015.1.2","2015.1.3","2015.1.4","2023.1-eom","2023.2-eol","2024.1-eom","21.0.0","21.0.0.0rc1","21.0.1","22.0.0","22.0.0.0rc1","22.0.1","22.0.2","23.0.0","23.0.0.0rc1","23.0.1","23.0.2","24.0.0","24.0.0.0rc1","24.1.0","25.0.0","25.0.0.0rc1","26.0.0","26.0.0.0rc1","26.1.0","27.0.0","27.0.0.0rc1","28.0.0","28.0.0.0rc1","29.0.0","29.0.0.0rc1","8.0.0","8.0.0.0b1","8.0.0.0b2","8.0.0.0b3","8.0.0.0rc1","8.0.0.0rc2","8.0.0a0","8.0.1","8.1.0","8.1.2","9.0.0","9.0.0.0b1","9.0.0.0b2","9.0.0.0b3","9.0.0.0rc1","9.0.0.0rc2","9.0.0.0rc3","9.0.1","9.0.2","9.1.0","9.2.0","9.3.0","diablo-eol","essex-1","essex-2","essex-3","essex-4","essex-eol","essex-rc1","essex-rc2","folsom-1","folsom-2","folsom-3","folsom-eol","folsom-rc1","folsom-rc2","grizzly-1","grizzly-2","grizzly-eol","havana-eol","icehouse-eol","juno-eol","kilo-eol","liberty-eol","mitaka-eol","newton-eol","ocata-em","ocata-eol","pike-em","pike-eol","queens-em","queens-eol","rocky-em","rocky-eol","ussuri-em","ussuri-eol","victoria-em","victoria-eol","victoria-eom","wallaby-em","wallaby-eol","wallaby-eom","xena-em","xena-eol","xena-eom","yoga-eom","zed-eom"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-12690.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}