Novell Home

CVE-2013-2059

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-2059 at MITRE

Description

OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.

NVD CVSS v2 Base Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entries: 818596, 819353

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Cloud 1.0
  • openstack-keystone >= 2012.1+git.1361360075.f48dd0f-0.5.1
  • openstack-keystone-doc >= 2012.1+git.1361360075.f48dd0f-0.5.1
  • python-keystone >= 2012.1+git.1361360075.f48dd0f-0.5.1
Builds
SAT Patch Nr: 7863

© 2014 Novell