OpenStack Keystone Essex prior to 2012.1.2 and Folsom before folsom-3 does not properly handle authorization tokens for disabled tenants, which allows remote authenticated users to access the tenant's resources by requesting a token for the tenant.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack keystone |
||
openstack keystone 2012.2 |