0.001 Low
EPSS
Percentile
40.3%
A flaw was discovered in the python-novajoin plugin for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens.
bugzilla.redhat.com/show_bug.cgi?id=1670573
www.cve.org/CVERecord?id=CVE-2019-10138 https://nvd.nist.gov/vuln/detail/CVE-2019-10138 https://review.opendev.org/#/c/631240/