OpenStack Keystone domain-range token revocation failure Security Restriction Bypass Vulnerability
Release date:
Updated on:
Affected Systems:
Openstack Keystone
Description:
--------------------------------------------------------------------------------
Bugtraq id: 69051
OpenStack Keystone is a project that provides identity, Token, directory, and policy services for the OpenStack series.
Keystone has a Security Restriction Bypass Vulnerability. authenticated attackers can exploit this vulnerability to bypass the target security restriction and perform unauthorized operations.
<* Source: Brant Knudson
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Openstack
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://lists.openstack.org/pipermail/openstack-announce/
Install and deploy Openstack on Ubuntu 12.10
Ubuntu 12.04 OpenStack Swift single-node deployment Manual
OpenStack cloud computing quick start tutorial
Deploying OpenStack for enterprises: what should be done and what should not be done
CentOS 6.5 x64bit quick OpenStack Installation
This article permanently updates the link address: