Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1772-1
HistoryMar 20, 2013 - 12:00 a.m.

OpenStack Keystone vulnerability

2013-03-2000:00:00
ubuntu.com
30

6.2 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.1%

JSON

Releases

  • Ubuntu 12.10

Packages

  • keystone - OpenStack identity service

Details

Guang Yee discovered that Keystone would not always perform all
verification checks when configured to use PKI. If the keystone server was
configured to use PKI and services or users requested online verification,
an attacker could potentially exploit this to bypass revocation checks.
Keystone uses UUID tokens by default in Ubuntu.

OSVersionArchitecturePackageVersionFilename
Ubuntu12.10noarchpython-keystone< 2012.2.1-0ubuntu1.3UNKNOWN
Ubuntu12.10noarchkeystone< 2012.2.1-0ubuntu1.3UNKNOWN
Ubuntu12.10noarchkeystone-doc< 2012.2.1-0ubuntu1.3UNKNOWN

Related

nessus 3
ubuntucve 1
osv 1
securityvulns 2
openvas 8
cvelist 1
cve 1
prion 1
github 1
debiancve 1
redhat 1
veracode 1
fedora 3
nessus
nessus
Fedora 18 : openstack-keystone-2012.2.3-5.fc18 (2013-4590)
2013-04-09 00:00:00
Ubuntu 12.10 : keystone vulnerability (USN-1772-1)
2013-03-21 00:00:00
openSUSE Security Update : openstack-keystone (openSUSE-SU-2013:0565-1)
2014-06-13 00:00:00
ubuntucve
ubuntucve
CVE-2013-1865
2013-03-20 00:00:00
osv
osv
OpenStack Keystone Improper Authentication vulnerability
2022-05-17 04:56:52
securityvulns
securityvulns
[USN-1772-1] OpenStack Keystone vulnerability
2013-03-24 00:00:00
OpenStack security vulnerabilities
2013-03-24 00:00:00
openvas
openvas
Ubuntu Update for keystone USN-1772-1
2013-03-22 00:00:00
Ubuntu: Security Advisory (USN-1772-1)
2013-03-22 00:00:00
Fedora Update for openstack-keystone FEDORA-2013-4590
2013-04-15 00:00:00
cvelist
cvelist
CVE-2013-1865
2013-03-22 21:00:00
cve
cve
CVE-2013-1865
2013-03-22 21:55:00
prion
prion
Design/Logic Flaw
2013-03-22 21:55:00
github
github
OpenStack Keystone Improper Authentication vulnerability
2022-05-17 04:56:52
debiancve
debiancve
CVE-2013-1865
2013-03-22 21:55:00
redhat
redhat
(RHSA-2013:0708) Moderate: openstack-keystone security and bug fix update
2013-04-04 00:00:00
veracode
veracode
Authorization Bypass
2019-05-02 04:54:31
fedora
fedora
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.3-5.fc18
2013-04-08 22:52:02
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.4-3.fc18
2013-05-22 01:29:47
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.4-5.fc18
2013-08-09 17:01:37

6.2 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.1%

JSON
Related for USN-1772-1
nessus3ubuntucve1osv1securityvulns2openvas8cvelist1cve1prion1github1debiancve1redhat1veracode1fedora3