OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-3 does
not properly handle authorization tokens for disabled tenants, which allows
remote authenticated users to access the tenant’s resources by requesting a
token for the tenant.
Author | Note |
---|---|
jdstrand | Keystone on 11.10 is a pre-release version and unusable with other components such as nova and horizon |