Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-0282
HistoryApr 12, 2013 - 10:55 p.m.

CVE-2013-0282

2013-04-1222:55:01
CWE-287
[email protected]
web.nvd.nist.gov
30
openstack
keystone
grizzly
folsom
essex
ec2-style authentication
cve-2013-0282
security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.4%

JSON

OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.

Affected configurations

NVD
Node
openstackkeystoneRange2012.1–2012.1.3
OR
openstackkeystoneRange2012.2–2012.2.4
OR
openstackkeystoneMatch2013.1milestone1
OR
openstackkeystoneMatch2013.1milestone2
OR
openstackkeystoneMatch2013.1milestone3

Related

cvelist 1
github 1
ubuntucve 1
veracode 1
debiancve 1
seebug 1
prion 1
nvd 1
ubuntu 1
nessus 3
openvas 10
redhat 1
securityvulns 2
fedora 4
cvelist
cvelist
CVE-2013-0282
2013-04-12 22:00:00
github
github
OpenStack Keystone allows context-dependent attackers to bypass access restrictions
2022-05-05 02:48:43
ubuntucve
ubuntucve
CVE-2013-0282
2013-02-19 00:00:00
veracode
veracode
Authorization Bypass
2019-01-15 08:59:08
debiancve
debiancve
CVE-2013-0282
2013-04-12 22:55:01
seebug
seebug
OpenStack Keystone ιͺŒθ―η»•θΏ‡ζΌζ΄ž(CVE-2013-0282)
2013-04-16 00:00:00
prion
prion
Authentication flaw
2013-04-12 22:55:00
nvd
nvd
CVE-2013-0282
2013-04-12 22:55:01
ubuntu
ubuntu
OpenStack Keystone vulnerabilities
2013-02-20 00:00:00
nessus
nessus
Ubuntu 12.04 LTS / 12.10 : keystone vulnerabilities (USN-1730-1)
2013-02-21 00:00:00
Fedora 18 : openstack-keystone-2012.2.3-3.fc18 (2013-2916)
2013-03-05 00:00:00
openSUSE Security Update : openstack (openSUSE-2013-237)
2014-06-13 00:00:00
openvas
openvas
Ubuntu Update for keystone USN-1730-1
2013-02-22 00:00:00
Ubuntu: Security Advisory (USN-1730-1)
2013-02-22 00:00:00
Fedora Update for openstack-keystone FEDORA-2013-2916
2013-03-05 00:00:00
redhat
redhat
(RHSA-2013:0596) Moderate: openstack-keystone security, bug fix, and enhancement update
2013-03-05 00:00:00
securityvulns
securityvulns
[USN-1730-1] OpenStack Keystone vulnerabilities
2013-02-24 00:00:00
OpenStack security vulnerabilities
2013-03-24 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.3-3.fc18
2013-03-04 22:39:17
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.3-5.fc18
2013-04-08 22:52:02
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.4-3.fc18
2013-05-22 01:29:47

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.4%

JSON
Related for CVE-2013-0282
cvelist1github1ubuntucve1veracode1debiancve1seebug1prion1nvd1ubuntu1nessus3openvas10redhat1securityvulns2fedora4