exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2020-12692

почти 6 лет назад

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.

CVSS3: 5.4

EPSS: Низкий

CVE-2020-12692

почти 6 лет назад

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.

CVSS3: 5.4

EPSS: Низкий

CVE-2020-12692

почти 6 лет назад

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.

CVSS3: 5.4

EPSS: Низкий

CVE-2020-12692

почти 6 лет назад

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...

CVSS3: 5.4

EPSS: Низкий

GHSA-rqw2-hhrf-7936

больше 3 лет назад

OpenStack Keystone does not check signature TTL of the EC2 credential auth method

CVSS3: 5.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-12692 An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.	CVSS3: 5.4	0% Низкий	почти 6 лет назад
CVE-2020-12692 An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.	CVSS3: 5.4	0% Низкий	почти 6 лет назад
CVE-2020-12692 An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.	CVSS3: 5.4	0% Низкий	почти 6 лет назад
CVE-2020-12692 An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...	CVSS3: 5.4	0% Низкий	почти 6 лет назад
GHSA-rqw2-hhrf-7936 OpenStack Keystone does not check signature TTL of the EC2 credential auth method	CVSS3: 5.4	0% Низкий	больше 3 лет назад

Уязвимостей на страницу