Описание
OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenStack Platform 2.1 | openstack-keystone | Affected | ||
| RHOS Essex Release | openstack-keystone | Will not fix |
Показывать по
Дополнительная информация
Статус:
4 Medium
CVSS2
Связанные уязвимости
OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.
OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.
OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly bef ...
OpenStack Identity (Keystone) improper revoking of the authentication token when deleting a user
4 Medium
CVSS2