CVE-2013-2157

Currently unrated

Key Information:

Vendor
Openstack
Status
Keystone
Vendor
CVE Published:
20 August 2013

Summary

OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password.

References

http://www.openwall.com/lists/oss-security/2013/06/13/3
mailing-listx_refsource_MLIST
http://rhn.redhat.com/errata/RHSA-2013-1083.html
vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/60545
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.