Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens after a user logs out. Session tokens remain active for a few minutes, allowing attackers to replay tokens acquired via sniffing/MITM attacks and authenticate as the target user.
Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.
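The weakness above comes down to where logout is enforced: a self-validating token (signature plus expiry) stays acceptable until it expires unless the server also forgets it. The following is an added illustration, not Tendrl's own code; the HMAC token format, the 300-second TTL and the class names are assumptions chosen to show the vulnerable pattern beside the fixed one.

```python
import hashlib, hmac, secrets

# Constructed example, not Tendrl code: key, token format and TTL are assumptions.
SECRET = secrets.token_bytes(32)
SESSION_TTL = 300  # seconds a token stays valid if nothing revokes it

def _sign(payload: str) -> str:
    return hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()

def issue_token(user: str, now: float) -> str:
    """Return 'user:nonce:expiry:hmac'; valid on its own until expiry."""
    payload = f"{user}:{secrets.token_hex(8)}:{int(now) + SESSION_TTL}"
    return f"{payload}:{_sign(payload)}"

def _verify(token: str, now: float):
    # Return the user if the signature and expiry check out, else None.
    payload, _, sig = token.rpartition(":")
    if not sig or not hmac.compare_digest(sig, _sign(payload)):
        return None
    try:
        user, _nonce, exp = payload.rsplit(":", 2)
        return user if now < int(exp) else None
    except ValueError:
        return None

class ExpiryOnlySessions:
    """Vulnerable pattern: logout changes nothing server-side, so a sniffed
    token is still accepted on replay until its expiry passes."""
    def login(self, user, now):
        return issue_token(user, now)
    def logout(self, token):
        pass  # the client drops the token; the server forgets nothing
    def user_for(self, token, now):
        return _verify(token, now)

class RevokingSessions:
    """Fixed pattern: the server tracks live tokens and drops them on logout,
    so a replayed token is rejected immediately rather than minutes later."""
    def __init__(self):
        self.active = set()
    def login(self, user, now):
        token = issue_token(user, now)
        self.active.add(token)
        return token
    def logout(self, token):
        self.active.discard(token)
    def user_for(self, token, now):
        if token not in self.active:
            return None
        return _verify(token, now)
```

In a real deployment the active-session set would live in shared storage (or a short-lived revocation list keyed by token id) so every API node sees the logout at once.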
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gluster_storage | Redhat | * | 3.4 (excluding) |
Red Hat Gluster Storage 3.4 for RHEL 7 | RedHat | python-flask-1:0.10.1-5.el7rhgs | * |
Red Hat Gluster Storage 3.4 for RHEL 7 | RedHat | python-itsdangerous-0:0.23-2.el7 | * |
Red Hat Gluster Storage 3.4 for RHEL 7 | RedHat | tendrl-ansible-0:1.6.3-7.el7rhgs | * |
Red Hat Gluster Storage 3.4 for RHEL 7 | RedHat | tendrl-api-0:1.6.3-5.el7rhgs | * |
Red Hat Gluster Storage 3.4 for RHEL 7 | RedHat | tendrl-commons-0:1.6.3-12.el7rhgs | * |
Red Hat Gluster Storage 3.4 for RHEL 7 | RedHat | tendrl-gluster-integration-0:1.6.3-10.el7rhgs | * |
Red Hat Gluster Storage 3.4 for RHEL 7 | RedHat | tendrl-monitoring-integration-0:1.6.3-11.el7rhgs | * |
Red Hat Gluster Storage 3.4 for RHEL 7 | RedHat | tendrl-node-agent-0:1.6.3-10.el7rhgs | * |
Red Hat Gluster Storage 3.4 for RHEL 7 | RedHat | tendrl-notifier-0:1.6.3-4.el7rhgs | * |
Red Hat Gluster Storage 3.4 for RHEL 7 | RedHat | tendrl-ui-0:1.6.3-11.el7rhgs | * |
Such a scenario is commonly observed when: