OpenStack Keystone Grizzly prior to 2013.1, Folsom 2012.1.3 and previous versions, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent malicious users to bypass access restrictions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack keystone 2013.1 |
||
openstack keystone |