CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
77.1%
The (1) mamcache and (2) KVS token backends in OpenStack Identity (Keystone) Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token.
Vendor | Product | Version | CPE |
---|---|---|---|
openstack | keystone | 2012.2 | cpe:2.3:a:openstack:keystone:2012.2:*:*:*:*:*:*:* |
openstack | keystone | 2012.2.1 | cpe:2.3:a:openstack:keystone:2012.2.1:*:*:*:*:*:*:* |
openstack | keystone | 2012.2.2 | cpe:2.3:a:openstack:keystone:2012.2.2:*:*:*:*:*:*:* |
openstack | keystone | 2012.2.3 | cpe:2.3:a:openstack:keystone:2012.2.3:*:*:*:*:*:*:* |
openstack | keystone | 2012.2.4 | cpe:2.3:a:openstack:keystone:2012.2.4:*:*:*:*:*:*:* |
openstack | keystone | 2013.1 | cpe:2.3:a:openstack:keystone:2013.1:*:*:*:*:*:*:* |
openstack | keystone | 2013.1.1 | cpe:2.3:a:openstack:keystone:2013.1.1:*:*:*:*:*:*:* |
openstack | keystone | 2013.1.2 | cpe:2.3:a:openstack:keystone:2013.1.2:*:*:*:*:*:*:* |
openstack | keystone | 2013.1.3 | cpe:2.3:a:openstack:keystone:2013.1.3:*:*:*:*:*:*:* |