GHSA-22q6-wwq7-2jj9

Published: May 17, 2022
Source: github
Github: Reviewed
CVSS4: 6.9
CVSS3: 5.3

Description

OpenStack Keystone Improper Authentication vulnerability

OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.

Packages

Name: keystone (pip)
Affected versions: >= 2012.2, < 2012.2.4
Fixed version: 2012.2.4

EPSS

Percentile: 78%
0.01162
Low

CVSS4: 6.9 Medium
CVSS3: 5.3 Medium

Weaknesses

CWE-287

Related vulnerabilities

ubuntu
more than 12 years ago

OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.

redhat
more than 12 years ago

OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.

nvd
more than 12 years ago

OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.

debian
more than 12 years ago

OpenStack Keystone Folsom (2012.2) does not properly perform revocatio ...
