Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.23 views

Oracle Solaris Third-Party Patch Update : keystone (cve_2014_3621_information_disclosure)

The remote Solaris system is missing necessary patches to address security updates : - The catalog url replacement in Keystone before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by...

4CVSS5.4AI score0.02109EPSS
Exploits1References3
securityvulns
securityvulns
added 2014/12/01 12:0 a.m.61 views

[USN-2406-1] OpenStack Keystone vulnerability

========================================================================== Ubuntu Security Notice USN-2406-1 November 11, 2014 keystone vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

4CVSS0.2AI score0.02109EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2014/11/03 8:47 a.m.26 views

Important: Red Hat Security Advisory: openstack-keystone security and bug fix update

Updated openstack-keystone packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring...

4CVSS5.8AI score0.02109EPSS
Exploits1References4
NVD
NVD
added 2014/10/02 2:55 p.m.36 views

CVE-2014-3621

The catalog url replacement in OpenStack Identity Keystone before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$admintoken" in the publicurl endpoint field...

4CVSS5.8AI score0.02109EPSS
Exploits1References6
OSV
OSV
added 2014/10/02 2:55 p.m.8 views

CVE-2014-3621

The catalog url replacement in OpenStack Identity Keystone before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$admintoken" in the publicurl endpoint field...

5.7AI score
Exploits0References10
CVE
CVE
added 2014/10/02 2:0 p.m.88 views

CVE-2014-3621

CVE-2014-3621 affects OpenStack Keystone (identity service). The issue is a catalog URL replacement in Keystone that, when processing endpoints, can disclose sensitive configuration by crafting the publicurl field (demonstrated via $(admin_token)). Affected releases include Keystone before 2013.2...

4CVSS5.8AI score0.02109EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder