OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2013-04-12T22:00:00Z
Updated: 2024-08-06T14:18:09.876Z
Reserved: 2012-12-06T00:00:00Z
Link: CVE-2013-0282
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-04-12T22:55:01.127
Modified: 2024-11-21T01:47:13.337
Link: CVE-2013-0282
Redhat