Openstack

Keystone

46 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.24%
  • Veröffentlicht 24.02.2013 19:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service (disk consumption) via many invalid token requests that trigger excessive generation of...

  • EPSS 0.34%
  • Veröffentlicht 26.12.2012 22:55:03
  • Zuletzt bearbeitet 16.06.2026 23:46:51

tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading...

  • EPSS 2.27%
  • Veröffentlicht 09.10.2012 15:55:01
  • Zuletzt bearbeitet 16.06.2026 23:45:08

OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-3 does not properly handle authorization tokens for disabled tenants, which allows remote authenticated users to access the tenant's resources by requesting a token for the tenant.

  • EPSS 3.97%
  • Veröffentlicht 09.10.2012 15:55:01
  • Zuletzt bearbeitet 16.06.2026 23:45:08

The (1) OS-KSADM/services and (2) tenant APIs in OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-2 do not properly validate X-Auth-Token, which allow remote attackers to read the roles for an arbitrary user or get, create, or delete...

  • EPSS 1.88%
  • Veröffentlicht 18.09.2012 17:55:07
  • Zuletzt bearbeitet 16.06.2026 23:44:58

OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles.

Exploit
  • EPSS 2.27%
  • Veröffentlicht 31.07.2012 10:45:42
  • Zuletzt bearbeitet 16.06.2026 23:43:12

OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by (1) creating n...