Vulnerabilities > Openstack > Keystone > 8.1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-06-02 | CVE-2013-2014 | Improper Input Validation vulnerability in multiple products OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long requests. | 5.0 |
2013-12-14 | CVE-2013-6391 | Improper Privilege Management vulnerability in multiple products The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2tokens API request. | 5.8 |