2 matches found
OpenStack: Keystone disabling a tenant does not disable a user token
OpenStack Identity Keystone Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token...
PT-2013-2160 · Openstack · Openstack Glance
Name of the Vulnerable Software and Affected Versions: OpenStack Glance versions 2012.1, 2012.2 before 2012.2.3, and 2012.2.3 and earlier of Grizzly Description: The issue allows remote authenticated users to obtain sensitive information by reading error messages. This occurs when the Swift...