Anshul Gangwar created CLOUDSTACK-9705:
------------------------------------------
Summary: Unauthenticated API allows Admin password reset
Key: CLOUDSTACK-9705
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9705
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Reporter: Anshul Gangwar
Assignee: Anshul Gangwar
The "unauthenticated API" allows a caller to reset CloudStack administrator
passwords. This presents a security risk because it allows for privilege
escalation attacks. First, if the unauthenticated API is listening on the
network (instead of locally) then any user on the network can reset admin
passwords. If the API is only listening locally, then any user with access to
the local box can reset admin passwords. This would allow them to access other
hosts within the CloudStack deployment.
While it may be important to provide a recovery mechanism for admin passwords
that have been lost or hijacked, such a solution needs to be secure. We should
either remove this feature from the unauthenticated API, or provide a solution
that is less open to abuse.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
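The report draws a line between the unauthenticated API listening on the network and listening only locally. The script below is an added example, not code from the CloudStack project or from this issue: it classifies how a port is bound from `ss -ltn` output so an operator can tell which of the two cases a management server is in. It assumes the unauthenticated API is CloudStack's integration API on TCP port 8096 (the `integration.api.port` global setting), and the `ss` lines it parses are constructed sample input, not captured from a real host.

```shell
#!/bin/sh
# Added example; not part of CloudStack or of issue CLOUDSTACK-9705.
# Assumption: the unauthenticated (integration) API listens on TCP 8096,
# i.e. the integration.api.port global setting. Adjust for your deployment.
INTEGRATION_PORT=8096

# Constructed sample of `ss -Hltn` output (LISTEN sockets, numeric, no header).
# Not captured from a real system; it exists only to exercise classify_bind.
SAMPLE_SS='LISTEN 0 128 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 100 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 100 0.0.0.0:8096 0.0.0.0:*
LISTEN 0 128 [::1]:8250 [::]:*'

# classify_bind SS_OUTPUT PORT
# Prints "closed"  if nothing listens on PORT,
#        "local"   if every listener on PORT is bound to a loopback address,
#        "network" if any listener on PORT is bound to a non-loopback address.
classify_bind() {
    ss_out=$1
    port=$2
    result=closed
    # Field 4 is "addr:port"; the port is whatever follows the last colon,
    # which also copes with bracketed IPv6 addresses such as [::1]:8250.
    for local_addr in $(printf '%s\n' "$ss_out" | awk -v p="$port" '
        { n = split($4, a, ":"); if (a[n] == p) print $4 }'); do
        addr=${local_addr%:*}
        case $addr in
            127.*|\[::1\]|"[::ffff:127."*)
                # Loopback only: still reachable by any local user, as the
                # report notes, but not by the rest of the network.
                [ "$result" = closed ] && result=local ;;
            *)
                # Any non-loopback bind means the port is exposed to the network.
                result=network ;;
        esac
    done
    printf '%s\n' "$result"
}

# Live check against the current host (needs iproute2's ss). Not run here.
check_live() {
    classify_bind "$(ss -Hltn 2>/dev/null)" "$INTEGRATION_PORT"
}

# Demo on the constructed sample: 0.0.0.0:8096 is a network bind.
classify_bind "$SAMPLE_SS" "$INTEGRATION_PORT"
```

A "network" result is the first case in the report: anyone who can reach the port can reset admin passwords. A "local" result is the second case and only narrows the attacker set to users on the management server; the report's point is that neither binding makes the reset feature safe, so the check is a way to gauge exposure while the feature is still present, not a fix.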