
CVE-2022-2447

Published: 01/09/2022 | Updated: 01/10/2022
CVSS v3 Base Score: 6.6 | Impact Score: 5.9 | Exploitability Score: 0.7
VMScore: 0

Vulnerability Summary

A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked and when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.

Vulnerable Product

openstack keystone -

redhat storage 3.0

redhat quay 3.0.0

redhat openstack platform 16.1

redhat openstack platform 16.2

Vendor Advisories

Debian Bug report logs - #1021272: keystone: CVE-2022-2447. Package: src:keystone; Maintainer for src:keystone is Debian OpenStack <team+openstack@tracker.debian.org>; Reported by: Moritz Mühlenhoff <jmm@inutil.org>; Date: Tue, 4 Oct 2022 19:45:01 UTC; Severity: important; Tags: security, upstream ...