0.001 Low
EPSS
Percentile
40.2%
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens.
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10138
github.com/advisories/GHSA-xf8c-3cgx-fcwm
review.opendev.org/#/c/631240/