Lucene search
HistoryNov 03, 2014 - 11:55 p.m.
CVE-2014-0204
cve-2014-0204
openstack
keystone
identity management
security vulnerability
7.4 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.9%
OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID.
Affected configurations
Node
openstackkeystoneRange2014.1–2014.1.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| openstack:keystone | openstack keystone | lt | 2014.1.1 |
Related
prion
prion
Design/Logic Flaw
2014-11-03 23:55:00
ubuntucve
ubuntucve
CVE-2014-0204
2014-11-03 00:00:00
debiancve
debiancve
CVE-2014-0204
2014-11-03 23:55:05
github
github
OpenStack Identity Keystone Improper Privilege Management
2022-05-13 01:26:10
nvd
nvd
CVE-2014-0204
2014-11-03 23:55:05
cvelist
cvelist
CVE-2014-0204
2014-11-03 23:00:00
nessus
nessus
EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2019-2509)
2019-12-04 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-2509)
2020-01-23 00:00:00
7.4 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.9%
Related for CVE-2014-0204