11 matches found
SUSE CVE-2020-12689
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope trust/oauth/application credential can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially...
Ubuntu: Security Advisory (USN-4480-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS : OpenStack Keystone vulnerabilities (USN-4480-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4480-1 advisory. It was discovered that OpenStack Keystone incorrectly handled EC2 credentials. An authenticated attacker with a limited scope could possibly create EC2...
Security Bulletin: Openstack Keystone vulnerabilities affects IBM Spectrum Scale (CVE-2020-12689)
Summary IBM Spectrum Scale, shipped with Openstack keystone, is exposed to vulnerabilities as detailed below. Vulnerability Details CVEID: CVE-2020-12689 DESCRIPTION: OpenStack Keystone could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper...
Important: Red Hat Security Advisory: openstack-keystone security update
An update for openstack-keystone is now available for Red Hat OpenStack Platform 16 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: openstack-keystone security update
An update for openstack-keystone is now available for Red Hat OpenStack Platform 15 Stein. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: openstack-keystone security update
An update for openstack-keystone is now available for Red Hat OpenStack Platform 10 Newton. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : openstack-keystone (RHSA-2020:3102)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3102 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...
RHEL 7 : openstack-keystone (RHSA-2020:3096)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3096 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...
UBUNTU-CVE-2020-12689
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope trust/oauth/application credential can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially...
CVE-2020-12689
OpenStack Keystone vulnerability CVE-2020-12689 affects Keystone before 15.0.1 and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with escalated permissions, potentially allowing the user to act as admin on a project where a...