Lucene search
+L

9 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.4 views

SUSE CVE-2020-12690

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. Th...

8.8CVSS7AI score0.01896EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/09/02 12:0 a.m.36 views

Ubuntu 18.04 LTS : OpenStack Keystone vulnerabilities (USN-4480-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4480-1 advisory. It was discovered that OpenStack Keystone incorrectly handled EC2 credentials. An authenticated attacker with a limited scope could possibly create EC2...

8.8CVSS7.1AI score0.04918EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/09/02 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-4480-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.5AI score0.04918EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/07/22 12:38 p.m.36 views

Important: Red Hat Security Advisory: openstack-keystone security update

An update for openstack-keystone is now available for Red Hat OpenStack Platform 16 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.7AI score0.04918EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/07/22 12:36 p.m.43 views

Important: Red Hat Security Advisory: openstack-keystone security update

An update for openstack-keystone is now available for Red Hat OpenStack Platform 15 Stein. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.7AI score0.04918EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/07/22 12:0 a.m.35 views

RHEL 8 : openstack-keystone (RHSA-2020:3102)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3102 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...

8.8CVSS7AI score0.04918EPSS
Exploits0References10
OSV
OSV
added 2020/05/07 12:15 a.m.4 views

DEBIAN-CVE-2020-12690

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. Th...

8.8CVSS7AI score0.01896EPSS
Exploits0References1
CVE
CVE
added 2020/05/06 11:43 p.m.122 views

CVE-2020-12690

CVE-2020-12690 affects OpenStack Keystone before 15.0.1 and 16.0.0, where the list of roles for an OAuth1 access token is silently ignored. As a result, the keystone token may include every role the token creator has for the project, yielding elevated permissions not intended. Affected product/ve...

8.8CVSS8.4AI score0.01896EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2020/05/06 11:43 p.m.44 views

CVE-2020-12690

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. Th...

8.8CVSS8.2AI score0.01896EPSS
Exploits0
Rows per page
Query Builder