2 matches found
OpenStack Keystone has an unspecified vulnerability
OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace in the U.S. OpenStack Keystone is a module used in OpenStack to manage the authentication, service rules, and service token functions. A security...
DEBIAN-CVE-2019-19687
OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforcescope is false. Users with a role on a project are able to view any other users' credentials,...