OpenStack Identity (keystone)

  1. Bug #1179955
  2. Comment #41

Comment 41 for bug 1179955

Revision history for this message
In , Glsamaker (glsamaker) wrote :

CVE-2013-4222 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4222):
  OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and
  Havana before havana-3 does not properly revoke user tokens when a tenant is
  disabled, which allows remote authenticated users to retain access via the
  token.