Lucene search
MitreCVELIST:CVE-2018-14432HistoryJul 31, 2018 - 2:00 p.m.
CVE-2018-14432
2018-07-3114:00:00
mitre
www.cve.org
1
In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated “GET /v3/OS-FEDERATION/projects” request may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no authority to access, leaking all projects in the deployment and their attributes. Only Keystone with the /v3/OS-FEDERATION endpoint enabled via policy.json is affected.
Related
nessus
nessus
RHEL 7 : openstack-keystone (RHSA-2018:2533)
2024-04-27 00:00:00
RHEL 7 : openstack-keystone (RHSA-2018:2543)
2024-04-27 00:00:00
RHEL 7 : openstack-keystone (RHSA-2018:2523)
2024-04-27 00:00:00
redhat
redhat
(RHSA-2018:2543) Important: openstack-keystone security update
2018-08-22 16:12:38
(RHSA-2018:2533) Important: openstack-keystone security update
2018-08-21 16:37:51
(RHSA-2018:2523) Important: openstack-keystone security and bug fix update
2018-08-20 12:40:00
redhatcve
redhatcve
CVE-2018-14432
2018-07-25 22:49:16
ibm
ibm
cve
cve
CVE-2018-14432
2018-07-31 14:29:00
openvas
openvas
Debian: Security Advisory (DSA-4275-1)
2018-08-15 00:00:00
veracode
veracode
Information Disclosure
2019-01-15 09:25:09
debian
debian
[SECURITY] [DSA 4275-1] keystone security update
2018-08-16 20:49:26
prion
prion
Cross site request forgery (csrf)
2018-07-31 14:29:00
osv
osv
keystone - security update
2018-08-16 00:00:00
CVE-2018-14432
2018-07-31 14:29:00
nvd
nvd
CVE-2018-14432
2018-07-31 14:29:00
debiancve
debiancve
CVE-2018-14432
2018-07-31 14:29:00
ubuntucve
ubuntucve
CVE-2018-14432
2018-07-31 00:00:00