Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2012-5563
Modified
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-18 Dec, 2012 | 01:55
Updated At-29 Apr, 2026 | 01:13

OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
Type: Primary
Version: 2.0
Base score: 4.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:P/A:N
CPE Matches
OpenStack
openstack
>>folsom>>2012.2
cpe:2.3:a:openstack:folsom:2012.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-255Primarynvd@nist.gov
CWE ID: CWE-255
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://rhn.redhat.com/errata/RHSA-2012-1557.htmlsecalert@redhat.com
N/A
http://secunia.com/advisories/51423secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/51436secalert@redhat.com
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/11/28/5secalert@redhat.com
Patch
http://www.openwall.com/lists/oss-security/2012/11/28/6secalert@redhat.com
Patch
http://www.securityfocus.com/bid/56727secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-1641-1secalert@redhat.com
N/A
https://bugs.launchpad.net/keystone/+bug/1079216secalert@redhat.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/80370secalert@redhat.com
N/A
https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5secalert@redhat.com
N/A
https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681secalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2012-1557.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51423af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/51436af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/11/28/5af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.openwall.com/lists/oss-security/2012/11/28/6af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/56727af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-1641-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugs.launchpad.net/keystone/+bug/1079216af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/80370af854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5af854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1557.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/51423
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/51436
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2012/11/28/5
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: http://www.openwall.com/lists/oss-security/2012/11/28/6
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/56727
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1641-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://bugs.launchpad.net/keystone/+bug/1079216
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/80370
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1557.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/51423
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/51436
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2012/11/28/5
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.openwall.com/lists/oss-security/2012/11/28/6
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/56727
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1641-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugs.launchpad.net/keystone/+bug/1079216
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/80370
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found