Openstack

Keystone

46 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.71%
  • Veröffentlicht 03.02.2016 18:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty before 2.3.3 does not properly invalidate authorizat...

  • EPSS 2.88%
  • Veröffentlicht 12.05.2015 19:59:26
  • Zuletzt bearbeitet 06.05.2026 22:30:45

OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keys...

Exploit
  • EPSS 1.39%
  • Veröffentlicht 03.11.2014 23:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID.

Exploit
  • EPSS 1.91%
  • Veröffentlicht 26.10.2014 20:55:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust ...

Exploit
  • EPSS 2.11%
  • Veröffentlicht 02.10.2014 14:55:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The catalog url replacement in OpenStack Identity (Keystone) before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$(admin_token)" in the pub...

  • EPSS 1.49%
  • Veröffentlicht 25.08.2014 14:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not properly revoke tokens when a domain is invalidated, which allows remote authenticated users to retain access via a domain-scoped token for that domain.

  • EPSS 1.52%
  • Veröffentlicht 25.08.2014 14:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 updates the issued_at value for UUID v2 tokens, which allows remote authenticated users to bypass the token expiration and retain access via a verification ...

  • EPSS 1.59%
  • Veröffentlicht 25.08.2014 14:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The MySQL token driver in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 stores timestamps with the incorrect precision, which causes the expiration comparison for tokens to fail and allows remote authenticated users ...

Exploit
  • EPSS 2.31%
  • Veröffentlicht 17.06.2014 14:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a (1) trust or (2) OAuth token with im...

  • EPSS 3.24%
  • Veröffentlicht 02.06.2014 15:55:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long requests.