CPE-9EDAB420-80C8-4293-8655-499B461641EA Detail

CPE Details

OpenStack Keystone 2012.1.1

Vendor

openstack

Product

keystone

Version

2012.1.1

Created

2012-07-31
12h40 +00:00

Modified

2012-09-21
18h25 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:openstack:keystone:2012.1.1:::::::*

Informations

Vendor

openstack

Product

keystone

Version

2012.1.1

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2021-3563	2022-08-26 15h25 +00:00	A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity.	7.4	High
CVE-2013-0270	2013-04-12 22h00 +00:00	OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant_name when requesting a token.	5
CVE-2013-0282	2013-04-12 22h00 +00:00	OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.	5
CVE-2013-0247	2013-02-24 19h00 +00:00	OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service (disk consumption) via many invalid token requests that trigger excessive generation of log entries.	5
CVE-2012-4456	2012-10-09 13h00 +00:00	The (1) OS-KSADM/services and (2) tenant APIs in OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-2 do not properly validate X-Auth-Token, which allow remote attackers to read the roles for an arbitrary user or get, create, or delete arbitrary services.	7.5
CVE-2012-4457	2012-10-09 13h00 +00:00	OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-3 does not properly handle authorization tokens for disabled tenants, which allows remote authenticated users to access the tenant's resources by requesting a token for the tenant.	4
CVE-2012-3426	2012-07-31 08h00 +00:00	OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by (1) creating new tokens through token chaining, (2) leveraging possession of a token for a disabled user account, or (3) leveraging possession of a token for an account with a changed password.	4.9

OpenStack Keystone 2012.1.1

CPE Details

CPE Name: cpe:2.3:a:openstack:keystone:2012.1.1:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:openstack:keystone:2012.1.1:::::::*