Lucene search
Veracode Vulnerability DatabaseVERACODE:10723HistoryJan 15, 2019 - 8:51 a.m.
Authorization Bypass
2019-01-1508:51:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
EPSS
0
Percentile
5.1%
openstack-keystone is vulnerable to authorization bypass. This is due to the way users are removed from tenants when using Amazon EC2 credentials. Users retain privileges after being removed from tenants and will still be able to access resources which would have not been permitted.
References
lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html
rhn.redhat.com/errata/RHSA-2012-1556.html
www.securityfocus.com/bid/56888
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=867029
bugzilla.redhat.com/show_bug.cgi?id=873447
exchange.xforce.ibmcloud.com/vulnerabilities/80612
rhn.redhat.com/errata/RHSA-2012-1556.html
Related
cvelist
cvelist
CVE-2012-5483
2012-12-26 22:00:00
prion
prion
Design/Logic Flaw
2012-12-26 22:55:00
ubuntucve
ubuntucve
CVE-2012-5483
2012-12-26 00:00:00
debiancve
debiancve
CVE-2012-5483
2012-12-26 22:55:03
cve
cve
CVE-2012-5483
2012-12-26 22:55:03
nvd
nvd
CVE-2012-5483
2012-12-26 22:55:03
nessus
nessus
Fedora 17 : openstack-keystone-2012.1.3-3.fc17 (2012-19341)
2012-12-11 00:00:00
RHEL 6 : openstack-keystone (RHSA-2012:1556)
2024-04-27 00:00:00
veracode
veracode
Privilege Escalation
2019-05-02 04:41:56
redhat
redhat
openvas
openvas
Fedora Update for openstack-keystone FEDORA-2012-19341
2012-12-11 00:00:00
Fedora Update for openstack-keystone FEDORA-2012-19341
2012-12-11 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: openstack-keystone-2012.1.3-3.fc17
2012-12-11 01:27:24