OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack keystone 2012.1.3 |