Lucene search
HistoryApr 15, 2014 - 2:55 p.m.
CVE-2014-2828
cve-2014-2828
v3 api
openstack identity
keystone
denial of service
cpu consumption
remote attackers
authentication chaining
6.6 Medium
AI Score
Confidence
Low
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.008 Low
EPSS
Percentile
81.2%
The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service (CPU consumption) via a large number of the same authentication method in a request, aka “authentication chaining.”
Related
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:02:41
prion
prion
Authentication flaw
2014-04-15 14:55:00
nessus
nessus
Oracle Solaris Third-Party Patch Update : keystone (cve_2014_2828_authentication_issues)
2015-01-19 00:00:00
Fedora 20 : openstack-keystone-2013.2.3-5.fc20 (2014-5497)
2014-08-08 00:00:00
seebug
seebug
OpenStack Keystone V3 API验证拒绝服务漏洞
2014-04-17 00:00:00
cvelist
cvelist
CVE-2014-2828
2014-04-15 14:00:00
ubuntucve
ubuntucve
CVE-2014-2828
2014-04-15 00:00:00
debiancve
debiancve
CVE-2014-2828
2014-04-15 14:55:00
github
github
OpenStack Identity (Keystone) DoS through V3 API authentication chaining
2022-05-17 04:03:06
ibm
ibm
redhat
redhat
(RHSA-2014:1688) Important: openstack-keystone security and bug fix update
2014-10-22 00:00:00
openvas
openvas
Fedora Update for openstack-keystone FEDORA-2014-5497
2014-08-08 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: openstack-keystone-2013.2.3-5.fc20
2014-08-07 15:24:24
6.6 Medium
AI Score
Confidence
Low
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.008 Low
EPSS
Percentile
81.2%
Related for CVE-2014-2828