OpenStack Keystone Trust Chained Delegation Privilage Escalation Vulnerability

Bugtraq ID: 68026
Class: Design Error
CVE: CVE-2014-3476
Remote: Yes
Local: No
Published: Jun 12 2014 12:00AM
Updated: Apr 13 2015 10:00PM
Credit: Steven Hardy
Vulnerable: Redhat OpenStack 4.0
Redhat OpenStack 3.0
OpenStack Keystone 2014.1.1
OpenStack Keystone 2014.1
OpenStack Keystone 2013.2.3
OpenStack Keystone 2013.2.2
OpenStack Keystone 2013.2.1
OpenStack Keystone 2013.2.0
OpenStack Keystone 2013.2
IBM SmartCloud Orchestrator 2.3 FP1 iFix4
IBM SmartCloud Orchestrator 2.3 FP1
IBM SmartCloud Orchestrator 2.3
Not Vulnerable: IBM SmartCloud Orchestrator 2.3 FP1 iFix5


 

Privacy Statement
Copyright 2010, SecurityFocus