Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2013-2104 | Medium | Jan 21, 2014 | python-keystoneclient before 0.2.4, as used in OpenStack Keystone (Folsom), does not properly check expiry for PKI tokens, which allows remote authenti more... |
10.0.0, 9.0.2, 9.0.0, 8.0.0, 2015.1.0, 2014.1.3, 2012.1.1
|
|
CVE-2013-1977 | Low | May 21, 2013 | OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP passwor more... |
10.0.0, 9.0.2, 9.0.0, 8.0.0, 2015.1.0, 2014.1.3, 2012.1.1
|
|
CVE-2013-1865 | Medium | Mar 22, 2013 | OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote more... |
10.0.0, 9.0.2, 9.0.0, 8.0.0, 2015.1.0, 2014.1.3, 2012.1.1
|
|
CVE-2012-5563 | Medium | Dec 18, 2012 | OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass more... |
10.0.0, 9.0.2, 9.0.0, 8.0.0, 2015.1.0, 2014.1.3, 2012.1.1
|
|
CVE-2012-5483 | Low | Dec 26, 2012 | tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permis more... |
10.0.0, 9.0.2, 9.0.0, 8.0.0, 2015.1.0, 2014.1.3, 2012.1.1
|