CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1543 matches found

PyPA•added 2012/09/05 11:55 p.m.•5 views

PYSEC-2012-19

OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex 2012.1, allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly...

5.8CVSS7.3AI score0.02895EPSS

Exploits1References10Affected Software1

Cvelist•added 2012/09/05 11:0 p.m.•33 views

CVE-2012-3542

6.3AI score0.0248EPSS

Exploits0References9

Debian CVE•added 2012/09/05 11:0 p.m.•28 views

CVE-2012-3542

4.3CVSS6.4AI score0.0248EPSS

Exploits0

CVE•added 2012/09/05 11:0 p.m.•79 views

CVE-2012-3542

CVE-2012-3542 affects OpenStack Keystone as used in OpenStack Folsom (before folsom-rc1) and Essex (2012.1). The vulnerability arises in the identity service API where a remote attacker can cause an arbitrary user to be added to an arbitrary tenant by updating the user’s default tenant via the ad...

4.3CVSS6.5AI score0.0248EPSS

Exploits0References9Affected Software2

Positive Technologies•added 2012/09/05 12:0 a.m.•4 views

PT-2012-4796 · Openstack · Openstack Keystone +1

Name of the Vulnerable Software and Affected Versions: OpenStack Keystone versions prior to folsom-rc1 OpenStack Essex 2012.1 Description: The issue allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API...

8.7CVSS6.3AI score0.0248EPSS

Exploits0References19

OpenVAS•added 2012/09/04 12:0 a.m.•32 views

Ubuntu Update for keystone USN-1552-1

Ubuntu Update for Linux kernel vulnerabilities USN-1552-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN15521.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for keystone USN-1552-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Thi...

4.9CVSS6.4AI score0.0248EPSS

Exploits1References2

Tenable Nessus•added 2012/09/04 12:0 a.m.•27 views

Ubuntu 12.04 LTS : keystone vulnerabilities (USN-1552-1)

Dolph Mathews discovered that OpenStack Keystone did not properly restrict to administrative users the ability to update users' tenants. A remote attacker that can reach the administrative API can use this to add any user to any tenant. CVE-2012-3542 Derek Higgins discovered that OpenStack Keysto...

4.9CVSS5.4AI score0.0248EPSS

Exploits1References3

OpenVAS•added 2012/09/04 12:0 a.m.•32 views

Ubuntu: Security Advisory (USN-1552-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.9CVSS6.4AI score0.0248EPSS

Exploits1References2

Ubuntu•added 2012/09/03 5:3 p.m.•52 views

USN-1552-1: OpenStack Keystone vulnerabilities

4.9CVSS5.3AI score0.0248EPSS

Exploits1

securityvulns•added 2012/09/03 12:0 a.m.•87 views

[USN-1552-1] OpenStack Keystone vulnerabilities

========================================================================== Ubuntu Security Notice USN-1552-1 September 03, 2012 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...

4.9CVSS0.9AI score0.0248EPSS

Exploits1

securityvulns•added 2012/09/03 12:0 a.m.•39 views

OpenStack Keystone limitations bypass

Administrative user limitations and token lifetime limitations bypass...

4.9CVSS2.2AI score0.0248EPSS

Exploits1References1Affected Software1

OpenVAS•added 2012/08/30 12:0 a.m.•30 views

Fedora Update for openstack-keystone FEDORA-2012-4690

7.5CVSS7.6AI score0.01199EPSS

Exploits0References2

UbuntuCve•added 2012/08/30 12:0 a.m.•30 views

CVE-2012-3542

4.3CVSS6AI score0.0248EPSS

Exploits0References4

OSV•added 2012/07/31 10:45 a.m.•7 views

CVE-2012-3426

OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by 1 creating new tokens through token chaining, 2 leveraging...

6.1AI score

Exploits0References16

NVD•added 2012/07/31 10:45 a.m.•24 views

CVE-2012-3426

4.9CVSS6.1AI score0.02266EPSS

Exploits1References14

OSV•added 2012/07/31 10:45 a.m.•1 views

DEBIAN-CVE-2012-3426

4.9CVSS6.4AI score0.02266EPSS

Exploits1References1

Prion•added 2012/07/31 10:45 a.m.•15 views

Authorization

4.9CVSS6.4AI score0.02266EPSS

Exploits1References14Affected Software2

PyPA•added 2012/07/31 10:45 a.m.•6 views

PYSEC-2012-34

4.9CVSS6.8AI score0.02266EPSS

Exploits1References17Affected Software1

Cvelist•added 2012/07/31 10:0 a.m.•28 views

CVE-2012-3426

6AI score0.02266EPSS

Exploits1References14

CVE•added 2012/07/31 10:0 a.m.•77 views

CVE-2012-3426

OpenStack Keystone before version 2012.1.1 (as used in Folsom before Folsom-1 and Essex) does not properly enforce token expiration, allowing remote authenticated users to bypass authorization by: (1) chaining tokens to create new ones, (2) using a token from a disabled account, or (3) using a to...

4.9CVSS6.1AI score0.02266EPSS

Exploits1References14Affected Software3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by