CVE-2013-2059

Published: 09 May 2013

OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.

Priority

Low

Status

Package Release Status
keystone
Launchpad, Ubuntu, Debian
Upstream Pending