Lucene search
K

openstack-keystone: OpenStack Keystone: Unauthorized access and privilege escalation via AWS signature validation flaw

🗓️ 22 Jun 2026 21:01:08Reported by RedHatType 
redhat
 redhat
🔗 access.redhat.com👁 10 Views

OpenStack Keystone flaw enables unauthorized access and privilege escalation via AWS signature to ec2tokens or s3tokens for a token.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
Circl
CVE-2025-65073
17 Nov 202510:58
circl
CNNVD
Keystone 安全漏洞
17 Nov 202500:00
cnnvd
CVE
CVE-2025-65073
17 Nov 202500:00
cve
Cvelist
CVE-2025-65073
17 Nov 202500:00
cvelist
Debian CVE
CVE-2025-65073
17 Nov 202500:00
debiancve
EUVD
EUVD-2025-197772
17 Nov 202500:00
euvd
Github Security Blog
OpenStack Keystone allows /v3/ec2tokens or /v3/s3tokens request with valid AWS Signature to provide Keystone authorization.
17 Nov 202509:30
github
NVD
CVE-2025-65073
17 Nov 202508:16
nvd
OpenVAS
Debian: Security Advisory (DSA-6056-1)
14 Nov 202500:00
openvas
OpenVAS
Debian: Security Advisory (DLA-4367-1)
10 Nov 202500:00
openvas
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Red Hat Enterprise Linux9anyopenstack-swift-account0:2.27.1-17.1.20231004180819.el9ost.noarchopenstack-swift-account-0:2.27.1-17.1.20231004180819.el9ost.noarch.noarch.rpm
Red Hat Enterprise Linux9anyopenstack-swift-container0:2.27.1-17.1.20231004180819.el9ost.noarchopenstack-swift-container-0:2.27.1-17.1.20231004180819.el9ost.noarch.noarch.rpm
Red Hat Enterprise Linux9anyopenstack-swift-object0:2.27.1-17.1.20231004180819.el9ost.noarchopenstack-swift-object-0:2.27.1-17.1.20231004180819.el9ost.noarch.noarch.rpm
Red Hat Enterprise Linux9anyopenstack-swift-proxy0:2.27.1-17.1.20231004180819.el9ost.noarchopenstack-swift-proxy-0:2.27.1-17.1.20231004180819.el9ost.noarch.noarch.rpm
Red Hat Enterprise Linux9anypython3-swift0:2.27.1-17.1.20231004180819.el9ost.noarchpython3-swift-0:2.27.1-17.1.20231004180819.el9ost.noarch.noarch.rpm

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation