Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4222HistorySep 30, 2013 - 10:55 p.m.
CVE-2013-4222
2013-09-3022:55:00
Debian Security Bug Tracker
security-tracker.debian.org
11
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.2%
OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | keystone | < 2013.1.3-1 | keystone_2013.1.3-1_all.deb |
| Debian | 11 | all | keystone | < 2013.1.3-1 | keystone_2013.1.3-1_all.deb |
| Debian | 10 | all | keystone | < 2013.1.3-1 | keystone_2013.1.3-1_all.deb |
| Debian | 999 | all | keystone | < 2013.1.3-1 | keystone_2013.1.3-1_all.deb |
| Debian | 13 | all | keystone | < 2013.1.3-1 | keystone_2013.1.3-1_all.deb |
Related
cvelist
cvelist
CVE-2013-4222
2013-09-30 20:00:00
cve
cve
CVE-2013-4222
2013-09-30 22:55:00
veracode
veracode
Improper Token Invalidation
2019-01-15 09:01:39
fedora
fedora
[SECURITY] Fedora 20 Update: openstack-keystone-2013.2-0.9.b3.fc20
2013-09-23 00:29:05
redhat
redhat
(RHSA-2013:1524) Moderate: openstack-keystone security and bug fix update
2013-11-18 00:00:00
ubuntucve
ubuntucve
CVE-2013-4222
2013-09-30 00:00:00
prion
prion
Design/Logic Flaw
2013-09-30 22:55:00
nessus
nessus
Fedora 20 : openstack-keystone-2013.2-0.9.b3.fc20 (2013-16551)
2013-09-23 00:00:00
Ubuntu 12.10 / 13.04 : keystone vulnerabilities (USN-2002-1)
2013-10-24 00:00:00
openvas
openvas
Ubuntu Update for keystone USN-2002-1
2013-10-29 00:00:00
Ubuntu: Security Advisory (USN-2002-1)
2013-10-29 00:00:00
securityvulns
securityvulns
[USN-2002-1] Keystone vulnerabilities
2013-10-28 00:00:00
OpenStack multiple security vulnerabilities
2013-12-23 00:00:00
ubuntu
ubuntu
Keystone vulnerabilities
2013-10-23 00:00:00
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.2%
Related for DEBIANCVE:CVE-2013-4222