CVE Vulnerabilities

CVE-2012-4413

Published: Sep 18, 2012 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles.

Affected Software

Name Vendor Start Version End Version
Keystone Openstack 2012.1.3 2012.1.3

References