Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.14 views

RHEL 7 : openstack-keystone (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - openstack-keystone: Improper check of tampered revocated PKI/PKIZ token CVE-2015-7546 Note that Nessus has not test...

7.5CVSS7.7AI score0.01708EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.18 views

RHEL 6 : openstack-keystone (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - openstack-keystone: Improper check of tampered revocated PKI/PKIZ token CVE-2015-7546 Note that Nessus has not test...

7.5CVSS7.6AI score0.01708EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/01 7:8 p.m.23 views

Security Bulletin: IBM Spectrum Scale Object Protocols functionality is affected by security vulnerabilities in OpenStack (CVE-2015-1852 and CVE-2015-7546)

Summary IBM Spectrum Scale Object Protocols functionality is affected by security vulnerabilities in OpenStack that could allow: - a man-in-the-middle attack, caused by an error in the api-paste.ini configuration file. A remote attacker could exploit this vulnerability using a specially-crafted...

7.5CVSS1.1AI score0.02586EPSS
Exploits0Affected Software1
OSV
OSV
added 2016/02/03 6:59 p.m.9 views

CVE-2015-7546

The identity service in OpenStack Identity Keystone before 2015.1.3 Kilo and 8.0.x before 8.0.2 Liberty and keystonemiddleware formerly python-keystoneclient before 1.5.4 Kilo and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers,...

7.5CVSS7.3AI score
Exploits0References7
CVE
CVE
added 2016/02/03 3:0 p.m.65 views

CVE-2015-7546

CVE-2015-7546 affects OpenStack Keystone and related keystonemiddleware: the identity service fails to invalidate authorization tokens when using PKI or PKIZ providers, enabling remote authenticated users to bypass access controls by manipulating bytes in a revoked token. Affected versions includ...

7.5CVSS7.2AI score0.01708EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder