Description
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked and when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 9 | fence-agents | Not affected | | |
| Red Hat Integration Camel K 1 | Openstack | Not affected | | |
| Red Hat Integration Data Virtualisation Operator | Openstack | Out of support scope | | |
| Red Hat JBoss Data Grid 7 | Openstack | Out of support scope | | |
| Red Hat JBoss Enterprise Application Platform 7 | Openstack | Not affected | | |
| Red Hat JBoss Enterprise Application Platform Expansion Pack | Openstack | Not affected | | |
| Red Hat JBoss Fuse 6 | Openstack | Out of support scope | | |
| Red Hat JBoss Fuse Service Works 6 | Openstack | Out of support scope | | |
| Red Hat OpenStack Platform 13 (Queens) | openstack-keystone | Out of support scope | | |
| Red Hat OpenStack Platform 16.1 | openstack-keystone | Affected | | |
Additional information
Status:
EPSS
6.6 Medium
CVSS3
Related vulnerabilities
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked and when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.
A flaw was found in OpenStack. The application credential tokens can be used even after they have expired. This flaw allows an authenticated remote attacker to obtain access despite the defender's efforts to remove access.
EPSS
6.6 Medium
CVSS3