Lucene search
Redhat.comRH:CVE-2020-12690HistoryMay 07, 2020 - 7:39 p.m.
CVE-2020-12690
2020-05-0719:39:54
redhat.com
access.redhat.com
9
0.005 Low
EPSS
Percentile
76.6%
A flaw was found in Keystone, where it inadvertently provided OAuth1 access tokens to every role assignment the creator had for a project, resulting in giving more permissions and escalated access in role assignments than intended. The greatest impact is on confidentiality.
Related
cve
cve
CVE-2020-12690
2020-05-07 00:15:10
debiancve
debiancve
CVE-2020-12690
2020-05-07 00:15:10
veracode
veracode
Privilege Escalation
2020-06-24 05:07:48
prion
prion
Design/Logic Flaw
2020-05-07 00:15:00
cvelist
cvelist
CVE-2020-12690
2020-05-06 23:43:10
github
github
Insufficient Session Expiration in OpenStack Keystone
2021-06-09 17:34:09
ubuntucve
ubuntucve
CVE-2020-12690
2020-05-07 00:00:00
osv
osv
Insufficient Session Expiration in OpenStack Keystone
2021-06-09 17:34:09
PYSEC-2020-54
2020-05-07 00:15:00
CVE-2020-12690
2020-05-07 00:15:10
nvd
nvd
CVE-2020-12690
2020-05-07 00:15:10
openvas
openvas
Ubuntu: Security Advisory (USN-4480-1)
2020-09-02 00:00:00
Debian: Security Advisory (DSA-4679-1)
2020-05-08 00:00:00
nessus
nessus
Ubuntu 18.04 LTS : OpenStack Keystone vulnerabilities (USN-4480-1)
2020-09-02 00:00:00
RHEL 8 : openstack-keystone (RHSA-2020:3105)
2020-07-22 00:00:00
RHEL 8 : openstack-keystone (RHSA-2020:3102)
2020-07-22 00:00:00
redhat
redhat
(RHSA-2020:3105) Important: openstack-keystone security update
2020-07-22 12:28:32
(RHSA-2020:3102) Important: openstack-keystone security update
2020-07-22 12:24:32
ubuntu
ubuntu
OpenStack Keystone vulnerabilities
2020-09-01 00:00:00
