A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HOpenstack Keystone
APPOpenstackwszystkie wersjeRed Hat Openstack
APPRedhat16.116.2Red Hat Openstack Platform
APPRedhat16.116.2Red Hat Quay
APPRedhat3.0.0Red Hat Storage
APPRedhat3.0
Powiązane podatności
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi)...
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix do...
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be foun...
A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this b...
A flaw was found in Red Hat Quay, where it has a persistent Cross-site Scripting (XSS) vulnerability when disp...