OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.
AV:N/AC:L/Au:N/C:P/I:N/A:N
12/04/2013
by Openstack
2 years ago
by Openstack
10 years ago
by Openstack
10 years ago
by Openstack
11 years ago