Token Expiry Vulnerability in OpenStack Keystone Client by OpenStack
CVE-2013-2104

Currently unrated

Key Information:

Vendor
Openstack
Vendor
CVE Published:
21 January 2014

Summary

The OpenStack Keystone Client prior to version 0.2.4 suffers from a flaw that compromises the expiration mechanism of PKI tokens. This vulnerability enables remote authenticated users to continue utilizing tokens even after their expiration or to use tokens that have been revoked. This lapse in security can result in unauthorized access to resources, necessitating immediate attention and remediation from affected users.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.