Lucene search
HistoryNov 03, 2014 - 11:55 p.m.
CVE-2014-0204
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.4
Confidence
High
EPSS
0.003
Percentile
71.0%
OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID.
Affected configurations
Node
openstackkeystoneRange2014.1–2014.1.1
Related
prion
prion
Design/Logic Flaw
2014-11-03 23:55:00
cvelist
cvelist
CVE-2014-0204
2014-11-03 23:00:00
github
github
OpenStack Identity Keystone Improper Privilege Management
2022-05-13 01:26:10
debiancve
debiancve
CVE-2014-0204
2014-11-03 23:55:05
ubuntucve
ubuntucve
CVE-2014-0204
2014-11-03 00:00:00
cve
cve
CVE-2014-0204
2014-11-03 23:55:05
nessus
nessus
EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2019-2509)
2019-12-04 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-2509)
2020-01-23 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.4
Confidence
High
EPSS
0.003
Percentile
71.0%
Related for NVD:CVE-2014-0204