CVE Reference: CVE-2012-3542

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2012-3542

Description:
OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex (2012.1), allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API. NOTE: this identifier was originally incorrectly assigned to an open redirect issue, but the correct identifier for that issue is CVE-2012-3540.

CVE Status:
Candidate

References:

UBUNTU
  http://www.ubuntu.com/usn/USN-1552-1

SAID
  Secunia Advisory: SA50467
  Secunia Advisory: SA50494

MLIST
  http://www.openwall.com/lists/oss-security/2012/08/30/6

CONFIRM

BID
  55326


Return to the previous page.