Lucene search
+L

9 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.4 views

SUSE CVE-2012-3540

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

5.8CVSS6.7AI score0.02895EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.6 views

SUSE CVE-2012-5571

A flaw was found in OpenStack Keystone. This vulnerability allows remote authenticated users to bypass intended authorization restrictions. This occurs because OpenStack Keystone does not properly handle EC2 Elastic Compute Cloud tokens when a user's role has been removed from a tenant. An attack...

5.4CVSS5.7AI score0.02038EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2019/12/30 8:15 p.m.24 views

CVE-2012-5474

The file /etc/openstack-dashboard/localsettings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release python-django-horizon package before 2012.1.1 is world readable and exposes the secret key value...

5.5CVSS6.1AI score0.00338EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2019/12/30 7:36 p.m.44 views

CVE-2012-5474

The file /etc/openstack-dashboard/localsettings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release python-django-horizon package before 2012.1.1 is world readable and exposes the secret key value...

5.5CVSS5.6AI score0.00338EPSS
Exploits1
Cvelist
Cvelist
added 2019/12/30 7:36 p.m.33 views

CVE-2012-5474

The file /etc/openstack-dashboard/localsettings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release python-django-horizon package before 2012.1.1 is world readable and exposes the secret key value...

5.5AI score0.00338EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/10/16 5:47 p.m.11 views

OpenStack-Horizon: Open redirect through 'next' parameter

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

5.8CVSS6AI score0.02895EPSS
Exploits1References4
OSV
OSV
added 2012/10/09 3:55 p.m.7 views

DEBIAN-CVE-2012-4457

OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-3 does not properly handle authorization tokens for disabled tenants, which allows remote authenticated users to access the tenant's resources by requesting a token for the tenant...

4CVSS6.7AI score0.02267EPSS
Exploits0References1
OSV
OSV
added 2012/06/21 3:55 p.m.5 views

DEBIAN-CVE-2012-2654

The 1 EC2 and 2 OS APIs in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restriction...

4.3CVSS7AI score0.02626EPSS
Exploits1References1
PyPA
PyPA
added 2012/06/21 3:55 p.m.8 views

PYSEC-2012-37

The 1 EC2 and 2 OS APIs in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restriction...

4.3CVSS7AI score0.02626EPSS
Exploits1References12Affected Software1
Rows per page
Query Builder