Lucene search
RootSSV:62209HistoryApr 17, 2014 - 12:00 a.m.
OpenStack Keystone V3 API验证拒绝服务漏洞
2014-04-1700:00:00
Root
www.seebug.org
15
EPSS
0.008
Percentile
81.3%
Bugtraq ID:65736
CVE ID:CVE-2014-2828
Keystone是Openstack中用于身份验证的项目,任何服务请求需要经过它的验证获得服务的endpoint。
OpenStack Keystone V3 API验证存在漏洞,攻击者可以利用漏洞发送特制的请求使Keystone服务崩溃,造成拒绝服务攻击。
0
OpenStack Keystone
目前厂商已经发布了升级补丁以修复漏洞,请下载使用:
https://git.openstack.org/cgit/openstack/keystone/commit/?id=e364ba5b12de8e4c11bd80bcca903f9615dcfc2e
Related
debiancve
debiancve
CVE-2014-2828
2014-04-15 14:55:04
nvd
nvd
CVE-2014-2828
2014-04-15 14:55:04
github
github
OpenStack Identity (Keystone) DoS through V3 API authentication chaining
2022-05-17 04:03:06
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:02:41
nessus
nessus
Oracle Solaris Third-Party Patch Update : keystone (cve_2014_2828_authentication_issues)
2015-01-19 00:00:00
Fedora 20 : openstack-keystone-2013.2.3-5.fc20 (2014-5497)
2014-08-08 00:00:00
prion
prion
Authentication flaw
2014-04-15 14:55:00
ibm
ibm
cve
cve
CVE-2014-2828
2014-04-15 14:55:04
cvelist
cvelist
CVE-2014-2828
2014-04-15 14:00:00
ubuntucve
ubuntucve
CVE-2014-2828
2014-04-15 00:00:00
redhat
redhat
(RHSA-2014:1688) Important: openstack-keystone security and bug fix update
2014-10-22 00:00:00
openvas
openvas
Fedora Update for openstack-keystone FEDORA-2014-5497
2014-08-08 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: openstack-keystone-2013.2.3-5.fc20
2014-08-07 15:24:24