Lucene search
HistorySep 30, 2013 - 10:55 p.m.
CVE-2013-4222
openstack
keystone
identity management
token revocation
tenant disabling
information security
6 Medium
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.3%
OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.
Related
veracode
veracode
Improper Token Invalidation
2019-01-15 09:01:39
debiancve
debiancve
CVE-2013-4222
2013-09-30 22:55:00
cvelist
cvelist
CVE-2013-4222
2013-09-30 20:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: openstack-keystone-2013.2-0.9.b3.fc20
2013-09-23 00:29:05
redhat
redhat
(RHSA-2013:1524) Moderate: openstack-keystone security and bug fix update
2013-11-18 00:00:00
ubuntucve
ubuntucve
CVE-2013-4222
2013-09-30 00:00:00
prion
prion
Design/Logic Flaw
2013-09-30 22:55:00
nessus
nessus
Fedora 20 : openstack-keystone-2013.2-0.9.b3.fc20 (2013-16551)
2013-09-23 00:00:00
Ubuntu 12.10 / 13.04 : keystone vulnerabilities (USN-2002-1)
2013-10-24 00:00:00
openvas
openvas
Ubuntu Update for keystone USN-2002-1
2013-10-29 00:00:00
Ubuntu: Security Advisory (USN-2002-1)
2013-10-29 00:00:00
securityvulns
securityvulns
[USN-2002-1] Keystone vulnerabilities
2013-10-28 00:00:00
OpenStack multiple security vulnerabilities
2013-12-23 00:00:00
ubuntu
ubuntu
Keystone vulnerabilities
2013-10-23 00:00:00
6 Medium
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.3%
Related for CVE-2013-4222