USN-3448-1: OpenStack Keystone vulnerability
11 October 2017
OpenStack Keystone would allow unintended access over the network.
- keystone - OpenStack identity service
Boris Bobrov discovered that OpenStack Keystone incorrectly handled
federation mapping when there are rules in which group-based assignments
are not used. A remote authenticated user may receive all the roles
assigned to a project regardless of the federation mapping, contrary to