CVE-2013-4222

EPSS 0.58%

Published: 9/30/2013Modified: 4/28/2026

Description

OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.

Affected packages (1)

Debian/keystonefrom 0, < 2013.1.3-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-4222