Описание
OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID.
Отчет
Not vulnerable. This issue did not affect the versions of openstack-keystone as shipped with Red Hat Enterprise Linux OpenStack Platform 3 and 4.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenStack Platform 3 | openstack-keystone | Not affected | ||
| Red Hat OpenStack Platform 4 | openstack-keystone | Not affected |
Показывать по
Дополнительная информация
Статус:
2.7 Low
CVSS2
Связанные уязвимости
OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID.
OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID.
OpenStack Identity (Keystone) before 2014.1.1 does not properly handle ...
OpenStack Identity Keystone Improper Privilege Management
2.7 Low
CVSS2