CVSS2: 3.3 Low
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N
EPSS: 0.0004 Low
EPSS Percentile: 5.7%

The openstack-keystone packages provide keystone, a Python implementation
of the OpenStack Identity service API, which provides Identity, Token,
Catalog, and Policy services.

A flaw was discovered in the way the LDAP backend in keystone handled the
removal of a role. A user could unintentionally be granted a role if the
role being removed had not been previously granted to that user. Note that
only OpenStack Identity setups using an LDAP backend were affected.
(CVE-2013-4477)

All openstack-keystone users are advised to upgrade to these updated
packages, which contain a backported patch to correct this issue.

OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | noarch | python-keystone | < 2013.1.4-2.el6ost | python-keystone-2013.1.4-2.el6ost.noarch.rpm |
RedHat | 6 | noarch | openstack-keystone-doc | < 2013.1.4-2.el6ost | openstack-keystone-doc-2013.1.4-2.el6ost.noarch.rpm |
RedHat | 6 | src | openstack-keystone | < 2013.1.4-2.el6ost | openstack-keystone-2013.1.4-2.el6ost.src.rpm |
RedHat | 6 | noarch | openstack-keystone | < 2013.1.4-2.el6ost | openstack-keystone-2013.1.4-2.el6ost.noarch.rpm |