Download
| Alert*
oval:org.secpod.oval:def:67090
keystone: OpenStack identity service Several security issues were fixed in OpenStack Keystone. oval:org.secpod.oval:def:2004193 An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. Th ... oval:org.secpod.oval:def:604839 A vulnerability was found in the EC2 credentials API of Keystone, the OpenStack identity service: Any user authenticated within a limited scope could create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. oval:org.secpod.oval:def:705604 keystone: OpenStack identity service Several security issues were fixed in OpenStack Keystone. |