|
|
Subscribe / Log in / New account

openstack-keystone: incorrect token revocation

Package(s):openstack-keystone CVE #(s):CVE-2013-4294
Created:September 26, 2013 Updated:November 8, 2013
Description:

From the Red Hat advisory:

It was found that Keystone did not correctly handle revoked PKI tokens, allowing users with revoked tokens to retain access to resources they should no longer be able to access. This issue only affected systems using PKI tokens with the memcache or KVS token back ends.

Alerts:
Fedora FEDORA-2013-20373 openstack-keystone 2013-11-08
Ubuntu USN-2002-1 keystone 2013-10-23
Red Hat RHSA-2013:1285-01 openstack-keystone 2013-09-25
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds