Lucene search
+L

328 matches found

ubuntucve
ubuntucve
added 2013/09/30 12:0 a.m.45 views

CVE-2013-4222

OpenStack Identity Keystone Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token...

6.5CVSS5.9AI score0.01892EPSS
Exploits0References3
redhat
redhat
added 2013/09/25 4:12 p.m.4 views

OpenStack: Keystone Token revocation failure using Keystone memcache/KVS backends

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

5CVSS5.8AI score0.02342EPSS
Exploits0References4
osv
osv
added 2013/09/23 8:55 p.m.2 views

DEBIAN-CVE-2013-4294

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

5CVSS6.9AI score0.02342EPSS
Exploits0References1
osv
osv
added 2013/09/23 8:55 p.m.12 views

PYSEC-2013-42

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

5CVSS6.3AI score0.02342EPSS
Exploits0References6
osv
osv
added 2013/05/21 6:55 p.m.2 views

DEBIAN-CVE-2013-2059

OpenStack Identity Keystone Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token...

6CVSS7AI score0.02468EPSS
Exploits1References1
osv
osv
added 2013/05/21 6:55 p.m.7 views

PYSEC-2013-41

OpenStack Identity Keystone Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token...

6CVSS6.2AI score0.02468EPSS
Exploits1References11
pypa
pypa
added 2013/05/21 6:55 p.m.8 views

PYSEC-2013-41

OpenStack Identity Keystone Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token...

6CVSS7AI score0.02468EPSS
Exploits1References11Affected Software1
redhat
redhat
added 2013/04/04 8:15 p.m.7 views

keystone: online validation of Keystone PKI tokens bypasses revocation check

OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...

6.8CVSS5.9AI score0.02608EPSS
Exploits0References4
Rows per page
Query Builder