CVE 2015-7546
The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-
Related bugs and status
CVE-2015-7546 (Candidate) is related to these bugs:
Bug #1490804: [OSSA 2016-005] PKI Token Revocation Bypass (CVE-2015-7546)
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1490804 | [OSSA 2016-005] PKI Token Revocation Bypass (CVE-2015-7546) | OpenStack Identity (keystone) | High | Fix Released | ||
1490804 | [OSSA 2016-005] PKI Token Revocation Bypass (CVE-2015-7546) | OpenStack Security Advisory | Undecided | Fix Released | ||
1490804 | [OSSA 2016-005] PKI Token Revocation Bypass (CVE-2015-7546) | keystonemiddleware | High | Fix Released | ||
1490804 | [OSSA 2016-005] PKI Token Revocation Bypass (CVE-2015-7546) | python-keystoneclient | Undecided | Won't Fix | ||
1490804 | [OSSA 2016-005] PKI Token Revocation Bypass (CVE-2015-7546) | django-openstack-auth | Undecided | Invalid | ||
1490804 | [OSSA 2016-005] PKI Token Revocation Bypass (CVE-2015-7546) | OpenStack Security Notes | Critical | Fix Released | ||
1490804 | [OSSA 2016-005] PKI Token Revocation Bypass (CVE-2015-7546) | OpenStack Identity (keystone) kilo | High | Fix Released |
Bug #1526823: PKI Token Revocation Bypass (CVE-2015-7546)
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1526823 | PKI Token Revocation Bypass (CVE-2015-7546) | Mirantis OpenStack | High | Invalid | ||
1526823 | PKI Token Revocation Bypass (CVE-2015-7546) | Mirantis OpenStack 5.1.x | High | Invalid | ||
1526823 | PKI Token Revocation Bypass (CVE-2015-7546) | Mirantis OpenStack 6.1.x | High | Invalid | ||
1526823 | PKI Token Revocation Bypass (CVE-2015-7546) | Mirantis OpenStack 7.0.x | High | Invalid | ||
1526823 | PKI Token Revocation Bypass (CVE-2015-7546) | Mirantis OpenStack 6.0.x | High | Invalid |
Bug #1542152: [OSSA-2016-005] Potential reuse of revoked Identity tokens (CVE-2015-7546)
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1542152 | [OSSA-2016-005] Potential reuse of revoked Identity tokens (CVE-2015-7546) | Mirantis OpenStack | High | Invalid | ||
1542152 | [OSSA-2016-005] Potential reuse of revoked Identity tokens (CVE-2015-7546) | Mirantis OpenStack 6.0.x | High | Fix Released | ||
1542152 | [OSSA-2016-005] Potential reuse of revoked Identity tokens (CVE-2015-7546) | Mirantis OpenStack 7.0.x | High | Fix Released | ||
1542152 | [OSSA-2016-005] Potential reuse of revoked Identity tokens (CVE-2015-7546) | Mirantis OpenStack 6.1.x | High | Fix Released | ||
1542152 | [OSSA-2016-005] Potential reuse of revoked Identity tokens (CVE-2015-7546) | Mirantis OpenStack 5.1.x | High | Won't Fix |
See the
CVE page on Mitre.org
for more details.