Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service (CPU consumption) via a large number of the same authentication method in a request, aka "authentication chaining."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack Identity 授权问题漏洞
Vulnerability Description
OpenStack是美国国家航空航天局(National Aeronautics and Space Administration)和美国Rackspace公司合作研发的一个云平台管理项目。OpenStack Identity(又名Keystone)是其中的一个用于身份验证的项目,提供身份、令牌、目录和策略服务。 OpenStack Identity 2013.2.4之前的2013.1版本的V3 API中存在安全漏洞。远程攻击者可通过多次发送带有相同身份验证方法的请求利用该漏洞造成拒绝服务(CPU耗尽)。
CVSS Information
N/A
Vulnerability Type
N/A