Lucene search
Ubuntu.comUB:CVE-2012-5571HistoryNov 28, 2012 - 12:00 a.m.
CVE-2012-5571
2012-11-2800:00:00
ubuntu.com
ubuntu.com
12
0.003 Low
EPSS
Percentile
66.1%
OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly
handle EC2 tokens when the user role has been removed from a tenant, which
allows remote authenticated users to bypass intended authorization
restrictions by leveraging a token for the removed user role.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | Keystone on 11.10 is a pre-release version and unusable with other components such as nova and horizon |
Related
osv
osv
OpenStack Keystone intended authorization restrictions bypass
2022-05-17 01:39:21
debiancve
debiancve
CVE-2012-5571
2012-12-18 01:55:03
nvd
nvd
CVE-2012-5571
2012-12-18 01:55:03
prion
prion
Authorization
2012-12-18 01:55:00
github
github
OpenStack Keystone intended authorization restrictions bypass
2022-05-17 01:39:21
cve
cve
CVE-2012-5571
2012-12-18 01:55:03
cvelist
cvelist
CVE-2012-5571
2012-12-18 01:00:00
veracode
veracode
Privilege Escalation
2019-05-02 04:41:56
redhat
redhat
nessus
nessus
Fedora 18 : openstack-keystone-2012.2.1-1.fc18 (2012-19584)
2012-12-11 00:00:00
Fedora 17 : openstack-keystone-2012.1.3-3.fc17 (2012-19341)
2012-12-11 00:00:00
RHEL 6 : openstack-keystone (RHSA-2012:1556)
2024-04-27 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.1-1.fc18
2012-12-11 05:57:09
[SECURITY] Fedora 17 Update: openstack-keystone-2012.1.3-3.fc17
2012-12-11 01:27:24
securityvulns
securityvulns
[USN-1641-1] OpenStack Keystone vulnerabilities
2012-12-10 00:00:00
OpenStack security vulnerabilities
2012-12-10 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1641-1)
2012-11-29 00:00:00
Ubuntu Update for keystone USN-1641-1
2012-11-29 00:00:00
Fedora Update for openstack-keystone FEDORA-2012-19341
2012-12-11 00:00:00
ubuntu
ubuntu
OpenStack Keystone vulnerabilities
2012-11-28 00:00:00