Published: 22/03/2013 Updated: 13/02/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote malicious users to bypass intended access restrictions via a revoked PKI token.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openstack folsom 2012.2
canonical ubuntu linux 12.10

Synopsis Moderate: openstack-keystone security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated openstack-keystone packages that fix two security issues andvarious bugs are now available for Red Hat OpenStack FolsomThe Red Hat Security Response Team has rated this update as having ...

Under certain configurations, Keystone would allow unintended access over the network ...

CWE-287 https://review.openstack.org/#/c/24906/http://www.securityfocus.com/bid/58616 https://bugs.launchpad.net/keystone/+bug/1129713 http://www.ubuntu.com/usn/USN-1772-1 http://osvdb.org/91532 http://www.openwall.com/lists/oss-security/2013/03/20/13 http://secunia.com/advisories/52657 http://lists.opensuse.org/opensuse-updates/2013-04/msg00000.html http://rhn.redhat.com/errata/RHSA-2013-0708.html http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101719.html https://access.redhat.com/errata/RHSA-2013:0708 https://usn.ubuntu.com/1772-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-1865

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect