Lucene search
K

5 matches found

Veracode
Veracode
added 2019/01/15 8:52 a.m.24 views

Improper Invalidation Of Token

openstack-keystone is vulnerable to access bypass attacks. The vulnerability exists as the memcache token backend in OpenStack Identity Keystone 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not inclu...

5CVSS6AI score0.01367EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2014/04/15 2:55 p.m.5 views

UBUNTU-CVE-2014-0105

The authtoken middleware in the OpenStack Python client library for Keystone aka python-keystoneclient before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large number of requests, relat...

6CVSS5.8AI score0.01101EPSS
Exploits0References2
OSV
OSV
added 2014/04/01 6:35 a.m.3 views

DEBIAN-CVE-2014-2237

The memcache token backend in OpenStack Identity Keystone 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being...

5CVSS6.8AI score0.01367EPSS
Exploits1References1
Cvelist
Cvelist
added 2014/04/01 1:0 a.m.34 views

CVE-2014-2237

The memcache token backend in OpenStack Identity Keystone 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being...

6.1AI score0.01367EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2014/04/01 1:0 a.m.30 views

CVE-2014-2237

The memcache token backend in OpenStack Identity Keystone 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being...

5CVSS6.2AI score0.01367EPSS
Exploits1
Rows per page
Query Builder