Lucene search
K

306 matches found

OSV
OSV
added 2013/09/23 8:55 p.m.1 views

DEBIAN-CVE-2013-4294

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

5CVSS6.9AI score0.02342EPSS
Exploits0References1
OSV
OSV
added 2013/09/23 8:55 p.m.11 views

PYSEC-2013-42

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

5CVSS6.3AI score0.02342EPSS
Exploits0References6
OSV
OSV
added 2013/05/21 6:55 p.m.2 views

DEBIAN-CVE-2013-2059

OpenStack Identity Keystone Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token...

6CVSS7AI score0.02468EPSS
Exploits1References1
PyPA
PyPA
added 2013/05/21 6:55 p.m.7 views

PYSEC-2013-41

OpenStack Identity Keystone Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token...

6CVSS7AI score0.02468EPSS
Exploits1References11Affected Software1
OSV
OSV
added 2013/05/21 6:55 p.m.7 views

PYSEC-2013-41

OpenStack Identity Keystone Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token...

6CVSS6.2AI score0.02468EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2013/04/04 8:15 p.m.4 views

keystone: online validation of Keystone PKI tokens bypasses revocation check

OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...

6.8CVSS5.9AI score0.02608EPSS
Exploits0References4
Rows per page
Query Builder