Lucene search
PRIOn knowledge basePRION:CVE-2014-3476HistoryJun 17, 2014 - 2:55 p.m.
Design/Logic Flaw
2014-06-1714:55:00
PRIOn knowledge base
www.prio-n.com
8
OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a (1) trust or (2) OAuth token with impersonation enabled to create a new token with additional roles.
Related
cve
cve
CVE-2014-3476
2014-06-17 14:55:07
veracode
veracode
Privilege Escalation
2019-01-15 08:57:52
cvelist
cvelist
CVE-2014-3476
2014-06-17 14:00:00
suse
suse
Security update for openstack-keystone (important)
2014-06-26 01:04:38
ibm
ibm
github
github
debiancve
debiancve
CVE-2014-3476
2014-06-17 14:55:07
ubuntucve
ubuntucve
CVE-2014-3476
2014-06-17 00:00:00
nvd
nvd
CVE-2014-3476
2014-06-17 14:55:07
redhat
redhat
(RHSA-2014:0994) Important: openstack-keystone security update
2014-07-31 00:00:00
nessus
nessus
Fedora 20 : openstack-keystone-2013.2.3-5.fc20 (2014-5497)
2014-08-08 00:00:00
Ubuntu 14.04 LTS : OpenStack Keystone vulnerabilities (USN-2324-1)
2014-08-22 00:00:00
ubuntu
ubuntu
OpenStack Keystone vulnerabilities
2014-08-21 00:00:00
securityvulns
securityvulns
[USN-2324-1] OpenStack Keystone vulnerabilities
2014-08-24 00:00:00
OpenStack multiple security vulnerabilities
2014-08-24 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2324-1)
2014-08-22 00:00:00
Fedora Update for openstack-keystone FEDORA-2014-5497
2014-08-08 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: openstack-keystone-2013.2.3-5.fc20
2014-08-07 15:24:24