Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2014/08/08 12:0 a.m.27 views

Fedora Update for openstack-keystone FEDORA-2014-5497

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.03155EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2014/04/21 12:0 a.m.31 views

Fedora Update for openstack-keystone FEDORA-2014-4903

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4AI score
Exploits0References2
OpenVAS
OpenVAS
added 2014/04/08 12:0 a.m.33 views

Fedora Update for openstack-keystone FEDORA-2014-4210

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.03128EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2014/04/03 8:18 p.m.47 views

Moderate: Red Hat Security Advisory: openstack-keystone security update

Updated openstack-keystone packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

5.8CVSS5.9AI score0.02239EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2014/02/03 12:0 a.m.31 views

Fedora Update for openstack-keystone FEDORA-2013-23589

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4AI score
Exploits0References2
seebug.org
seebug.org
added 2013/12/16 12:0 a.m.36 views

OpenStack Keystone EC2-style令牌校验特权提升漏洞

Bugtraq ID:64253 CVE ID:CVE-2013-6391 Keystone是Openstack中用于身份验证的项目,任何服务请求需要经过它的验证获得服务的endpoint。 OpenStack Keystone在使用trust-scoped令牌生成EC2验证凭据时ec2tokens API存在一个安全漏洞,允许远程利用漏洞访问其他受限委托人角色trustor's roles,提升权限。 要成功利用漏洞需要应用启用了EC2-style验证。 0 OpenStack Keystone 2013.x...

5.8CVSS6.5AI score0.02239EPSS
Exploits2
OSV
OSV
added 2013/12/14 5:21 p.m.8 views

CVE-2013-6391

The ec2tokens API in OpenStack Identity Keystone before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2toke...

6.6AI score
Exploits0References11
CVE
CVE
added 2013/12/14 5:0 p.m.76 views

CVE-2013-6391

Summary (CVE-2013-6391) OpenStack Keystone’s ec2token API could generate a token not scoped to a specific trust when converting a trust-scoped token, allowing remote trust users to obtain EC2 credentials and potentially elevate privileges. Affected releases include Keystone before Havana 2013.2.1...

5.8CVSS6.6AI score0.02239EPSS
Exploits2References8Affected Software1
Rows per page
Query Builder