Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
python-keystoneclient before 0.2.4, as used in OpenStack Keystone (Folsom), does not properly check expiry for PKI tokens, which allows remote authenticated users to (1) retain use of a token after it has expired, or (2) use a revoked token once it expires.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack python-keystoneclient 权限许可和访问控制问题漏洞
Vulnerability Description
OpenStack python-keystoneclient是一款基于Python的身份验证客户端库。 OpenStack python-keystoneclient 0.2.4之前版本存在权限许可和访问控制问题漏洞,该漏洞源于程序没有正确检查PKI令牌是否失效。攻击者利用该漏洞保留已过期令牌的使用,或继续使用已过期撤销的令牌。
CVSS Information
N/A
Vulnerability Type
N/A