Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-1865 at MITRE


OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.

NVD CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

SUSE information

SUSE Bugzilla entry: 809590 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 12.3
  • openstack-keystone >= 2012.2.4+git.1363796849.255b1d4-3.8.1
  • openstack-keystone-doc >= 2012.2.4+git.1363796849.255b1d4-3.8.1
  • openstack-keystone-test >= 2012.2.4+git.1363796849.255b1d4-3.8.1
  • python-keystone >= 2012.2.4+git.1363796849.255b1d4-3.8.1