Lucene search
K

150 matches found

UbuntuCve
UbuntuCve
added 2014/07/02 12:0 a.m.26 views

CVE-2014-3520

OpenStack Identity Keystone before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request...

6.5CVSS5.9AI score0.01907EPSS
Exploits1References3
NVD
NVD
added 2014/06/17 2:55 p.m.20 views

CVE-2014-3476

OpenStack Identity Keystone before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a 1 trust or 2 OAuth token with impersonation enabled to create a new token with...

6CVSS6.3AI score0.02308EPSS
Exploits1References6
OSV
OSV
added 2014/06/17 2:55 p.m.8 views

CVE-2014-3476

OpenStack Identity Keystone before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a 1 trust or 2 OAuth token with impersonation enabled to create a new token with...

6.3AI score
Exploits0References11
Prion
Prion
added 2014/06/17 2:55 p.m.23 views

Design/Logic Flaw

OpenStack Identity Keystone before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a 1 trust or 2 OAuth token with impersonation enabled to create a new token with...

6CVSS6.9AI score0.02308EPSS
Exploits1References6Affected Software2
UbuntuCve
UbuntuCve
added 2014/06/17 12:0 a.m.24 views

CVE-2014-3476

OpenStack Identity Keystone before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a 1 trust or 2 OAuth token with impersonation enabled to create a new token with...

6CVSS5.9AI score0.02308EPSS
Exploits1References3
OSV
OSV
added 2014/06/17 12:0 a.m.5 views

UBUNTU-CVE-2014-3476

OpenStack Identity Keystone before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a 1 trust or 2 OAuth token with impersonation enabled to create a new token with...

6CVSS5.8AI score0.02308EPSS
Exploits1References4
OSV
OSV
added 2014/06/02 3:55 p.m.9 views

CVE-2013-2014

OpenStack Identity Keystone before 2013.1 allows remote attackers to cause a denial of service memory consumption and crash via multiple long requests...

6.4AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2014/06/02 3:55 p.m.33 views

CVE-2013-2014

OpenStack Identity Keystone before 2013.1 allows remote attackers to cause a denial of service memory consumption and crash via multiple long requests...

5CVSS5.9AI score0.03244EPSS
Exploits0References1
Cvelist
Cvelist
added 2014/06/02 3:0 p.m.34 views

CVE-2013-2014

OpenStack Identity Keystone before 2013.1 allows remote attackers to cause a denial of service memory consumption and crash via multiple long requests...

6.4AI score0.03244EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2014/05/05 12:0 a.m.27 views

Fedora Update for python-keystoneclient FEDORA-2014-5555

Check for the Version of python-keystoneclient OpenVAS Vulnerability Test Fedora Update for python-keystoneclient FEDORA-2014-5555 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

6CVSS6.4AI score0.01101EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/04/28 8:6 p.m.30 views

Important: Red Hat Security Advisory: python-keystoneclient security update

Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which give...

6CVSS5.8AI score0.01101EPSS
Exploits0References2
NVD
NVD
added 2014/04/15 2:55 p.m.32 views

CVE-2014-2828

The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authentication method in a request, aka "authentication chaining."...

7.8CVSS6.5AI score0.03155EPSS
Exploits1References3
OSV
OSV
added 2014/04/15 2:55 p.m.2 views

DEBIAN-CVE-2014-2828

The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authentication method in a request, aka "authentication chaining."...

7.8CVSS6.9AI score0.03155EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2014/04/15 2:55 p.m.22 views

CVE-2014-2828

The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authentication method in a request, aka "authentication chaining."...

7.8CVSS5.9AI score0.03155EPSS
Exploits1References2
Prion
Prion
added 2014/04/15 2:55 p.m.19 views

Authentication flaw

The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authentication method in a request, aka "authentication chaining."...

7.8CVSS7.2AI score0.03155EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2014/04/15 2:55 p.m.4 views

PYSEC-2014-106

The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authentication method in a request, aka "authentication chaining."...

7.8CVSS6.5AI score0.03155EPSS
Exploits1References3
CVE
CVE
added 2014/04/15 2:0 p.m.69 views

CVE-2014-2828

CVE-2014-2828 affects OpenStack Keystone (V3 API) where an attacker can trigger a denial of service by sending many requests using the same authentication method. The vulnerability exists in Keystone 2013.1 before 2013.2.4 and in Icehouse before icehouse-rc2. Public advisories from Red Hat, IBM, ...

7.8CVSS6.6AI score0.03155EPSS
Exploits1References3Affected Software1
RedHat Linux
RedHat Linux
added 2014/04/03 8:18 p.m.47 views

Moderate: Red Hat Security Advisory: openstack-keystone security update

Updated openstack-keystone packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

5.8CVSS5.9AI score0.02239EPSS
Exploits3References3
NVD
NVD
added 2014/04/01 6:35 a.m.15 views

CVE-2014-2237

The memcache token backend in OpenStack Identity Keystone 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being...

5CVSS6.2AI score0.01367EPSS
Exploits1References4
OSV
OSV
added 2014/04/01 6:35 a.m.6 views

CVE-2014-2237

The memcache token backend in OpenStack Identity Keystone 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being...

6.1AI score
Exploits0References4
Rows per page
Query Builder