3 matches found
RHEL 7 : openstack-keystone (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - openstack-keystone: Improper check of tampered revocated PKI/PKIZ token CVE-2015-7546 Note that Nessus has not test...
Authorization
The identity service in OpenStack Identity Keystone before 2015.1.3 Kilo and 8.0.x before 8.0.2 Liberty and keystonemiddleware formerly python-keystoneclient before 1.5.4 Kilo and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers,...
PYSEC-2016-20
The identity service in OpenStack Identity Keystone before 2015.1.3 Kilo and 8.0.x before 8.0.2 Liberty and keystonemiddleware formerly python-keystoneclient before 1.5.4 Kilo and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers,...