Описание
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | |
| esm-infra/bionic | needed | |
| esm-infra/focal | needed | |
| esm-infra/xenial | needed | |
| focal | ignored | end of standard support, was needed |
| jammy | released | 2:21.0.1-0ubuntu2.1 |
| kinetic | ignored | end of life, was needed |
| lunar | ignored | end of life, was needed |
| mantic | ignored | end of life, was needed |
Показывать по
EPSS
6.6 Medium
CVSS3
Связанные уязвимости
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.
A flaw was found in Keystone. There is a time lag (up to one hour in a ...
A flaw was found in OpenStack. The application credential tokens can be used even after they have expired. This flaw allows an authenticated remote attacker to obtain access despite the defender's efforts to remove access.
EPSS
6.6 Medium
CVSS3