Lucene search
K

150 matches found

Tenable Nessus
Tenable Nessus
added 2025/04/15 12:0 a.m.12 views

RHEL 6 : python-keystoneclient (RHSA-2013:0944)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0944 advisory. Python-keystoneclient is the client library and command line utility for interacting with the OpenStack identity API. A flaw in Keystone allowed an...

5.5CVSS5.7AI score0.02064EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2014-3476

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Identity Keystone before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote...

6CVSS5.9AI score0.02308EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2015-7546

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The identity service in OpenStack Identity Keystone before 2015.1.3 Kilo and 8.0.x before 8.0.2 Liberty and keystonemiddleware formerly python-keystoneclient...

7.5CVSS7.2AI score0.01708EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2014-3520

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Identity Keystone before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthoriz...

6.5CVSS5.9AI score0.01907EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/11/04 12:0 a.m.14 views

RHEL 6 : openstack-keystone (RHSA-2014:0580)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0580 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The...

5CVSS5.6AI score0.01367EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/11/04 12:0 a.m.11 views

RHEL 6 : openstack-keystone (RHSA-2014:0994)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0994 advisory. The OpenStack Identity service keystone authenticates and authorizes OpenStack users by keeping track of users and their permitted activitie...

6.5CVSS5.7AI score0.02308EPSS
Exploits2References6
OSV
OSV
added 2022/05/17 4:58 a.m.33 views

GHSA-5QPP-V56F-MQFM OpenStack Identity (Keystone) allows remote attackers to bypass intended access restrictions via revoked PKI token

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

6.9CVSS6.1AI score0.02342EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2022/05/17 4:58 a.m.34 views

OpenStack Identity (Keystone) allows remote attackers to bypass intended access restrictions via revoked PKI token

The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...

5CVSS5.8AI score0.02342EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2022/05/17 4:31 a.m.7 views

GHSA-V8FQ-GQ9J-3V7H OpenStack Identity (Keystone) UUID v2 tokens does not expire with revocation events

The V3 API in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issuedat value for UUID v2 tokens, which allows remote authenticated users to bypass the token expiration and retain access via a verification 1 GET or 2 HEAD request to v3/auth/tokens/...

7.1CVSS6AI score0.01515EPSS
Exploits0References11
Github Security Blog
Github Security Blog
added 2022/05/17 4:31 a.m.30 views

OpenStack Identity (Keystone) UUID v2 tokens does not expire with revocation events

The V3 API in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issuedat value for UUID v2 tokens, which allows remote authenticated users to bypass the token expiration and retain access via a verification 1 GET or 2 HEAD request to v3/auth/tokens/...

4.9CVSS6.8AI score0.01515EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2022/05/17 4:31 a.m.8 views

GHSA-GMVP-5RF9-MXCM OpenStack Identity (Keystone) Multiple vulnerabilities in revocation events

The MySQL token driver in OpenStack Identity Keystone 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users to retain access via an expired token...

7.1CVSS6AI score0.01592EPSS
Exploits0References10
OSV
OSV
added 2022/05/17 4:3 a.m.4 views

GHSA-6MV3-P2GR-WGQF OpenStack Identity (Keystone) DoS through V3 API authentication chaining

The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authentication method in a request, aka "authentication chaining."...

8.7CVSS6.5AI score0.03155EPSS
Exploits1References9
Github Security Blog
Github Security Blog
added 2022/05/17 4:3 a.m.28 views

OpenStack Identity (Keystone) DoS through V3 API authentication chaining

The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authentication method in a request, aka "authentication chaining."...

7.8CVSS7.3AI score0.03155EPSS
Exploits1References9Affected Software1
OSV
OSV
added 2022/05/17 3:41 a.m.6 views

GHSA-F82M-W3P3-CGP3 OpenStack Identity Keystone Improper Access Control

The Fernet Token Provider in OpenStack Identity Keystone 9.0.x before 9.0.1 mitaka allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token...

5.3CVSS4.3AI score0.01402EPSS
Exploits0References10
OSV
OSV
added 2022/05/17 1:36 a.m.3 views

GHSA-HJ89-QMX9-8QMH OpenStack Identity (Keystone) improper revoking of the authentication token when deleting a user

OpenStack Identity Keystone Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token...

5.3CVSS6.2AI score0.02468EPSS
Exploits1References13
OSV
OSV
added 2022/05/13 1:26 a.m.12 views

GHSA-C4P9-87H3-7VR4 OpenStack Identity Keystone Improper Privilege Management

OpenStack Identity Keystone before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID...

6.5CVSS6.3AI score0.01386EPSS
Exploits1References8
OSV
OSV
added 2022/05/13 1:26 a.m.7 views

GHSA-8C4W-V65P-JVCV OpenStack Identity Keystone and keystonemiddleware Insufficiently Protected Credentials

The identity service in OpenStack Identity Keystone before 2015.1.3 Kilo and 8.0.x before 8.0.2 Liberty and keystonemiddleware formerly python-keystoneclient before 1.5.4 Kilo and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers,...

8.6CVSS7.3AI score0.01708EPSS
Exploits0References10
OSV
OSV
added 2022/05/13 1:26 a.m.6 views

GHSA-8V8F-VC72-PMHC OpenStack Identity Keystone Exposure of Sensitive Information

The catalog url replacement in OpenStack Identity Keystone before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$admintoken" in the publicurl endpoint field...

4CVSS5.7AI score0.02109EPSS
Exploits1References14
OSV
OSV
added 2022/05/13 1:26 a.m.4 views

GHSA-7332-36H8-8JH8 OpenStack Identity (Keystone) Denial of Service

OpenStack Identity Keystone before 2013.1 allows remote attackers to cause a denial of service memory consumption and crash via multiple long requests...

5CVSS6.4AI score0.03244EPSS
Exploits0References8
OSV
OSV
added 2022/05/13 1:26 a.m.7 views

GHSA-274V-R947-V34R OpenStack Identity Keystone is vulnerable to Block delegation escalation of privilege

OpenStack Identity Keystone before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a 1 trust or 2 OAuth token with impersonation enabled to create a new token with...

6CVSS6.3AI score0.02308EPSS
Exploits1References7
Rows per page
Query Builder