OpenStack Identity (Keystone) prior to 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack keystone |