Lucene search
K

11 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.3 views

SUSE CVE-2020-12689

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope trust/oauth/application credential can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially...

8.8CVSS6.8AI score0.01562EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/09/02 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-4480-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.5AI score0.04918EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/09/02 12:0 a.m.36 views

Ubuntu 18.04 LTS : OpenStack Keystone vulnerabilities (USN-4480-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4480-1 advisory. It was discovered that OpenStack Keystone incorrectly handled EC2 credentials. An authenticated attacker with a limited scope could possibly create EC2...

8.8CVSS7.1AI score0.04918EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/26 2:47 p.m.27 views

Security Bulletin: Openstack Keystone vulnerabilities affects IBM Spectrum Scale (CVE-2020-12689)

Summary IBM Spectrum Scale, shipped with Openstack keystone, is exposed to vulnerabilities as detailed below. Vulnerability Details CVEID: CVE-2020-12689 DESCRIPTION: OpenStack Keystone could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper...

8.8CVSS1.4AI score0.04918EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/22 12:38 p.m.35 views

Important: Red Hat Security Advisory: openstack-keystone security update

An update for openstack-keystone is now available for Red Hat OpenStack Platform 16 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.7AI score0.04918EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/07/22 12:36 p.m.42 views

Important: Red Hat Security Advisory: openstack-keystone security update

An update for openstack-keystone is now available for Red Hat OpenStack Platform 15 Stein. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.7AI score0.04918EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/07/22 12:13 p.m.44 views

Important: Red Hat Security Advisory: openstack-keystone security update

An update for openstack-keystone is now available for Red Hat OpenStack Platform 10 Newton. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.2AI score0.04918EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/07/22 12:0 a.m.35 views

RHEL 8 : openstack-keystone (RHSA-2020:3102)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3102 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...

8.8CVSS7AI score0.04918EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2020/07/22 12:0 a.m.28 views

RHEL 7 : openstack-keystone (RHSA-2020:3096)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3096 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...

8.8CVSS7.8AI score0.04918EPSS
Exploits0References6
OSV
OSV
added 2020/05/07 12:15 a.m.3 views

UBUNTU-CVE-2020-12689

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope trust/oauth/application credential can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially...

8.8CVSS7.3AI score0.01562EPSS
Exploits0References4
CVE
CVE
added 2020/05/06 11:43 p.m.105 views

CVE-2020-12689

OpenStack Keystone vulnerability CVE-2020-12689 affects Keystone before 15.0.1 and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with escalated permissions, potentially allowing the user to act as admin on a project where a...

8.8CVSS8.3AI score0.01562EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder