Published: 26/12/2012 Updated: 29/08/2017

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openstack keystone 2012.1.3

Synopsis Moderate: openstack-keystone security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic Updated openstack-keystone packages that fix two security issues, multiplebugs, and add enhancements are now available for Red Hat OpenStack EssexThe Red Hat Security Response Tea ...

CWE-264 https://bugzilla.redhat.com/show_bug.cgi?id=873447 http://rhn.redhat.com/errata/RHSA-2012-1556.html http://www.securityfocus.com/bid/56888 http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html https://exchange.xforce.ibmcloud.com/vulnerabilities/80612 https://access.redhat.com/errata/RHSA-2012:1556 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-5483

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect