Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-0025

Malware in sbrugna...

5CVSS6AI score0.01367EPSS
Exploits1References13
RedHat Linux
RedHat Linux
added 2014/07/31 3:18 p.m.5 views

openstack-keystone: privilege escalation through trust chained delegation

A flaw was found in keystone's chained delegation. A trustee able to create a delegation from a trust or an OAuth token could misuse identity impersonation to bypass the enforced scope, possibly allowing them to obtain elevated privileges to the trustor's projects and roles...

6CVSS5.7AI score0.02308EPSS
Exploits1References4
OSV
OSV
added 2014/04/01 6:35 a.m.7 views

PYSEC-2014-105

The memcache token backend in OpenStack Identity Keystone 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being...

5CVSS6.1AI score0.01367EPSS
Exploits1References4
OSV
OSV
added 2014/04/01 6:35 a.m.9 views

UBUNTU-CVE-2014-2237

The memcache token backend in OpenStack Identity Keystone 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being...

5CVSS5.8AI score0.01367EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2014/01/22 6:31 p.m.6 views

Keystone: trust circumvention through EC2-style tokens

The ec2tokens API in OpenStack Identity Keystone before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2toke...

5.8CVSS5.9AI score0.02239EPSS
Exploits2References4
Rows per page
Query Builder