Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The memcache token backend in OpenStack Identity (Keystone) 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being invalidated by bulk token revocation and allows the trustee to bypass intended access restrictions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack Identity 权限许可和访问控制漏洞
Vulnerability Description
OpenStack是美国国家航空航天局(National Aeronautics and Space Administration)和美国Rackspace公司合作研发的一个云平台管理项目。OpenStack Identity(又名Keystone)是其中的一个用于身份验证的项目,提供身份、令牌、目录和策略服务。 OpenStack Identity 2013.1至2.013.1.4版本,2013.2至2013.2.2版本中的memcache token backend中存在安全漏洞,该漏洞源于当分配一个
CVSS Information
N/A
Vulnerability Type
N/A