Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS01cXBwLXY1NmYtbXFmbc4AAe6w
OpenStack Identity (Keystone) allows remote attackers to bypass intended access restrictions via revoked PKI token
The (1) mamcache and (2) KVS token backends in OpenStack Identity (Keystone) Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token.
Permalink: https://github.com/advisories/GHSA-5qpp-v56f-mqfmJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS01cXBwLXY1NmYtbXFmbc4AAe6w
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: about 1 year ago
Identifiers: GHSA-5qpp-v56f-mqfm, CVE-2013-4294
References:
- https://nvd.nist.gov/vuln/detail/CVE-2013-4294
- https://bugs.launchpad.net/keystone/+bug/1202952
- http://osvdb.org/97237
- http://rhn.redhat.com/errata/RHSA-2013-1285.html
- http://seclists.org/oss-sec/2013/q3/586
- http://www.ubuntu.com/usn/USN-2002-1
- https://access.redhat.com/errata/RHSA-2013:1285
- https://access.redhat.com/security/cve/CVE-2013-4294
- https://bugzilla.redhat.com/show_bug.cgi?id=1004452
- https://github.com/advisories/GHSA-5qpp-v56f-mqfm
Affected Packages
pypi:keystone
Dependent packages: 3Dependent repositories: 37
Downloads: 6,744 last month
Affected Version Ranges: >= 2012.2.0, < 2013.1.4
Fixed in: 2013.1.4
All affected versions:
All unaffected versions: 12.0.2, 12.0.3, 13.0.2, 13.0.3, 13.0.4, 14.0.0, 14.0.1, 14.1.0, 14.2.0, 15.0.0, 15.0.1, 16.0.0, 16.0.1, 16.0.2, 17.0.0, 17.0.1, 18.0.0, 18.1.0, 19.0.0, 19.0.1, 20.0.0, 20.0.1, 21.0.0, 21.0.1, 22.0.0, 22.0.1, 23.0.0, 23.0.1, 24.0.0, 25.0.0