OpenStack Identity (Keystone) Folsom 2012.2.4 and previous versions, Grizzly prior to 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack keystone 2012.1 |
||
openstack keystone 2013.1 |