OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.
CPE | Name | Operator | Version |
---|---|---|---|
keystone | ge | 2012.1 | |
keystone | le | 2012.1.3 | |
keystone | ge | 2012.2 | |
keystone | le | 2012.2.4 | |
keystone | eq | 2013.1 milestone1 | |
keystone | eq | 2013.1 milestone2 | |
keystone | eq | 2013.1 milestone3 |