CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-0282

OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.9%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2013-0282

Openstack » Keystone » Version: 2012.1

cpe:2.3:a:openstack:keystone:2012.1
Openstack » Keystone » Version: 2012.1.1

cpe:2.3:a:openstack:keystone:2012.1.1
Openstack » Keystone » Version: 2012.1.2

cpe:2.3:a:openstack:keystone:2012.1.2
Openstack » Keystone » Version: 2012.1.3

cpe:2.3:a:openstack:keystone:2012.1.3
Openstack » Keystone » Version: 2012.2

cpe:2.3:a:openstack:keystone:2012.2
Openstack » Keystone » Version: 2012.2.1

cpe:2.3:a:openstack:keystone:2012.2.1
Openstack » Keystone » Version: 2012.2.2

cpe:2.3:a:openstack:keystone:2012.2.2
Openstack » Keystone » Version: 2012.2.3

cpe:2.3:a:openstack:keystone:2012.2.3
Openstack » Keystone » Version: 2012.2.4

cpe:2.3:a:openstack:keystone:2012.2.4
Openstack » Keystone » Version: 2013.1

cpe:2.3:a:openstack:keystone:2013.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-0282

Products

Pricing

Contact Us