Lucene search
K

31 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-0014

Malware in sbrugna...

6.8CVSS6AI score0.02608EPSS
Exploits0References21
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2014-0091

Malware in sbrugna...

5.5CVSS6AI score0.02064EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/04/15 12:0 a.m.15 views

RHEL 6 : python-keystoneclient (RHSA-2013:0944)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0944 advisory. Python-keystoneclient is the client library and command line utility for interacting with the OpenStack identity API. A flaw in Keystone allowed an...

5.5CVSS5.7AI score0.02064EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.5 views

SUSE CVE-2013-2104

python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...

5.5CVSS6.7AI score0.02064EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:13 a.m.3 views

SUSE CVE-2015-7546

The identity service in OpenStack Identity Keystone before 2015.1.3 Kilo and 8.0.x before 8.0.2 Liberty and keystonemiddleware formerly python-keystoneclient before 1.5.4 Kilo and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers,...

7.5CVSS6.9AI score0.01708EPSS
Exploits0References3
OSV
OSV
added 2022/05/17 4:56 a.m.34 views

GHSA-22Q6-WWQ7-2JJ9 OpenStack Keystone Improper Authentication vulnerability

OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...

6.9CVSS6.2AI score0.02608EPSS
Exploits0References16
Veracode
Veracode
added 2019/01/15 8:59 a.m.25 views

Authorization Bypass

openstack-keystone is vulnerable to authorization bypass attacks. The vulnerability exists as the 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remot...

5CVSS6AI score0.02342EPSS
Exploits0References11Affected Software1
Veracode
Veracode
added 2019/01/15 8:54 a.m.29 views

Failure In Verification Of PKI Token Expiry

There is a flaw in python-keystoneclient which does not verify the expiry of PKI tokens. It allows an authenticated user to use a token or even a revoked token after its expiry...

5.5CVSS8.9AI score0.02064EPSS
Exploits0References13Affected Software1
Veracode
Veracode
added 2019/01/15 8:51 a.m.28 views

Authentication Bypass

openstack-keystone is vulnerable to authentication bypass. This is due to the way PKI tokens are revoked, which allow users with revoked tokens to retain access to resources that should no longer be accessible...

5CVSS6.2AI score0.03067EPSS
Exploits0References12Affected Software1
OSV
OSV
added 2014/01/21 6:55 p.m.8 views

CVE-2013-2104

python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...

6AI score
Exploits0References6
NVD
NVD
added 2014/01/21 6:55 p.m.24 views

CVE-2013-2104

python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...

5.5CVSS6.1AI score0.02064EPSS
Exploits0References6
OSV
OSV
added 2014/01/21 6:55 p.m.40 views

PYSEC-2014-69

python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...

5.5CVSS3.9AI score0.02064EPSS
Exploits0References7
Cvelist
Cvelist
added 2014/01/21 6:0 p.m.40 views

CVE-2013-2104

python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...

9AI score0.02064EPSS
Exploits0References6
CVE
CVE
added 2014/01/21 6:0 p.m.90 views

CVE-2013-2104

CVE-2013-2104 affects Python-keystoneclient = 0.2.4) as part of OpenStack/Keystone updates; multiple advisories reference this fix (e.g., RHSA-2013:0944, openSUSE/SUSE patches). Technical details and affected environments are corroborated across Nessus, OSV, and OSV.DEBIAN entries in the connecte...

5.5CVSS8.8AI score0.02064EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2014/01/21 6:0 p.m.74 views

CVE-2013-2104

python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...

5.5CVSS6.1AI score0.02064EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2013/09/25 4:12 p.m.54 views

Moderate: Red Hat Security Advisory: openstack-keystone security update

Updated openstack-keystone packages that fix one security issue are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

5CVSS5.7AI score0.02342EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2013/09/23 8:0 p.m.74 views

CVE-2013-4294

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

5CVSS6.4AI score0.02342EPSS
Exploits0
OpenVAS
OpenVAS
added 2013/06/18 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-1875-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS9.6AI score0.03128EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/06/14 12:0 a.m.32 views

Ubuntu 12.10 / 13.04 : keystone vulnerabilities (USN-1875-1)

Eoghan Glynn and Alex Meade discovered that Keystone did not properly perform expiry checks for the PKI tokens used in Keystone. If Keystone were setup to use PKI tokens, a previously authenticated user could continue to use a PKI token for longer than intended. This issue only affected Ubuntu...

5.5CVSS5.4AI score0.03128EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2013/06/12 4:37 p.m.37 views

Moderate: Red Hat Security Advisory: python-keystoneclient security and bug fix update

Updated python-keystoneclient packages that fix one security issue and multiple bugs are now available for Red Hat OpenStack 3.0 Grizzly Preview. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, whi...

5.5CVSS5.8AI score0.02064EPSS
Exploits0References4
Rows per page
Query Builder