Lucene search
Ubuntu.comUB:CVE-2014-0204HistoryNov 03, 2014 - 12:00 a.m.
CVE-2014-0204
2014-11-0300:00:00
ubuntu.com
ubuntu.com
11
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
0.003
Percentile
71.0%
OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when
a role is assigned to a group that has the same ID as a user, which allows
remote authenticated users to gain privileges that are assigned to a group
with the same ID.
Bugs
- <https://bugs.launchpad.net/keystone/+bug/1309228>
- <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749026>
Notes
| Author | Note |
|---|---|
| mdeslaur | OSSA 2014-015 watch for regression mentioned in tracker only icehouse and higher |
Related
prion
prion
Design/Logic Flaw
2014-11-03 23:55:00
cvelist
cvelist
CVE-2014-0204
2014-11-03 23:00:00
github
github
OpenStack Identity Keystone Improper Privilege Management
2022-05-13 01:26:10
nvd
nvd
CVE-2014-0204
2014-11-03 23:55:05
cve
cve
CVE-2014-0204
2014-11-03 23:55:05
debiancve
debiancve
CVE-2014-0204
2014-11-03 23:55:05
openvas
openvas
Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-2509)
2020-01-23 00:00:00
nessus
nessus
EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2019-2509)
2019-12-04 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
0.003
Percentile
71.0%
Related for UB:CVE-2014-0204