Lucene search
PRIOn knowledge basePRION:CVE-2014-5252HistoryAug 25, 2014 - 2:55 p.m.
Cross site request forgery (csrf)
2014-08-2514:55:00
PRIOn knowledge base
www.prio-n.com
6
The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issued_at value for UUID v2 tokens, which allows remote authenticated users to bypass the token expiration and retain access via a verification (1) GET or (2) HEAD request to v3/auth/tokens/.
Related
debiancve
debiancve
CVE-2014-5252
2014-08-25 14:55:07
ubuntucve
ubuntucve
CVE-2014-5252
2014-08-15 00:00:00
cve
cve
CVE-2014-5252
2014-08-25 14:55:07
veracode
veracode
Authentication Bypass
2019-05-02 05:11:39
nvd
nvd
CVE-2014-5252
2014-08-25 14:55:07
github
github
cvelist
cvelist
CVE-2014-5252
2014-08-25 14:00:00
redhat
redhat
(RHSA-2014:1121) Low: openstack-keystone security and bug fix update
2014-09-02 00:00:00
(RHSA-2014:1122) Low: openstack-keystone security and bug fix update
2014-09-02 00:00:00
ubuntu
ubuntu
OpenStack Keystone vulnerabilities
2014-08-21 00:00:00
securityvulns
securityvulns
[USN-2324-1] OpenStack Keystone vulnerabilities
2014-08-24 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2324-1)
2014-08-22 00:00:00
nessus
nessus
Ubuntu 14.04 LTS : OpenStack Keystone vulnerabilities (USN-2324-1)
2014-08-22 00:00:00