Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-0204HistoryNov 03, 2014 - 11:55 p.m.
CVE-2014-0204
2014-11-0323:55:05
Debian Security Bug Tracker
security-tracker.debian.org
14
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
0.003
Percentile
71.0%
OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | keystone | < 2014.1-5 | keystone_2014.1-5_all.deb |
| Debian | 11 | all | keystone | < 2014.1-5 | keystone_2014.1-5_all.deb |
| Debian | 999 | all | keystone | < 2014.1-5 | keystone_2014.1-5_all.deb |
| Debian | 13 | all | keystone | < 2014.1-5 | keystone_2014.1-5_all.deb |
Related
prion
prion
Design/Logic Flaw
2014-11-03 23:55:00
cvelist
cvelist
CVE-2014-0204
2014-11-03 23:00:00
github
github
OpenStack Identity Keystone Improper Privilege Management
2022-05-13 01:26:10
nvd
nvd
CVE-2014-0204
2014-11-03 23:55:05
cve
cve
CVE-2014-0204
2014-11-03 23:55:05
ubuntucve
ubuntucve
CVE-2014-0204
2014-11-03 00:00:00
nessus
nessus
EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2019-2509)
2019-12-04 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-2509)
2020-01-23 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
0.003
Percentile
71.0%
Related for DEBIANCVE:CVE-2014-0204