OpenStack Keystone CVE-2014-3621 Information Disclosure Vulnerability
BID:69848
Info
OpenStack Keystone CVE-2014-3621 Information Disclosure Vulnerability
| Bugtraq ID: | 69848 |
| Class: | Design Error |
| CVE: |
CVE-2014-3621 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 16 2014 12:00AM |
| Updated: | Sep 16 2014 12:00AM |
| Credit: | Brant Knudson |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
OpenStack Keystone CVE-2014-3621 Information Disclosure Vulnerability
Keystone is prone to an information-disclosure vulnerability.
A remote attacker may leverage this issue to obtain potentially sensitive information that may aid in further attacks.
The following versions are vulnerable:
Keystone 2013.2.3 and prior
Keystone 2014.1 through 2014.1.2.1
Keystone is prone to an information-disclosure vulnerability.
A remote attacker may leverage this issue to obtain potentially sensitive information that may aid in further attacks.
The following versions are vulnerable:
Keystone 2013.2.3 and prior
Keystone 2014.1 through 2014.1.2.1
Exploit / POC
OpenStack Keystone CVE-2014-3621 Information Disclosure Vulnerability
Attackers can exploit the issue using standard and readily available tools.
Attackers can exploit the issue using standard and readily available tools.
Solution / Fix
OpenStack Keystone CVE-2014-3621 Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
OpenStack Keystone CVE-2014-3621 Information Disclosure Vulnerability
References:
References: