Lucene search
PRIOn knowledge basePRION:CVE-2020-12692HistoryMay 07, 2020 - 12:15 a.m.
Authorization
2020-05-0700:15:00
PRIOn knowledge base
www.prio-n.com
5
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn’t have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.
Related
debiancve
debiancve
CVE-2020-12692
2020-05-07 00:15:10
nvd
nvd
CVE-2020-12692
2020-05-07 00:15:10
redhatcve
redhatcve
CVE-2020-12692
2020-05-08 00:09:51
cvelist
cvelist
CVE-2020-12692
2020-05-06 23:42:42
github
github
ubuntucve
ubuntucve
CVE-2020-12692
2020-05-07 00:00:00
osv
osv
CVE-2020-12692
2020-05-07 00:15:10
PYSEC-2020-56
2020-05-07 00:15:00
veracode
veracode
Man-in-the-Middle (MitM)
2020-05-08 05:36:35
cve
cve
CVE-2020-12692
2020-05-07 00:15:10
nessus
nessus
RHEL 7 : openstack-keystone (RHSA-2020:2732)
2020-06-24 00:00:00
Ubuntu 18.04 LTS : OpenStack Keystone vulnerabilities (USN-4480-1)
2020-09-02 00:00:00
RHEL 8 : openstack-keystone (RHSA-2020:3102)
2020-07-22 00:00:00
redhat
redhat
(RHSA-2020:2732) Important: openstack-keystone security update
2020-06-24 12:25:05
(RHSA-2020:3105) Important: openstack-keystone security update
2020-07-22 12:28:32
(RHSA-2020:3102) Important: openstack-keystone security update
2020-07-22 12:24:32
openvas
openvas
Ubuntu: Security Advisory (USN-4480-1)
2020-09-02 00:00:00
Debian: Security Advisory (DSA-4679-1)
2020-05-08 00:00:00
ibm
ibm
ubuntu
ubuntu
OpenStack Keystone vulnerabilities
2020-09-01 00:00:00