Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
OpenstackFolsom

3 matches found

CVE
CVEadded 2012/12/18 1:55 a.m.58 views

CVE-2012-5571

OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role.

3.5CVSS6.1AI score0.00306EPSS
CVE
CVEadded 2012/12/18 1:55 a.m.54 views

CVE-2012-5563

OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression.

4CVSS6AI score0.00208EPSS
CVE
CVEadded 2012/12/26 10:55 p.m.51 views

CVE-2012-5625

OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume...

4.3CVSS5.7AI score0.00829EPSS