CVE-2012-5571

Summary

A flaw was found in OpenStack Keystone. This vulnerability allows remote authenticated users to bypass intended authorization restrictions. This occurs because OpenStack Keystone does not properly handle EC2 (Elastic Compute Cloud) tokens when a user's role has been removed from a tenant. An attacker can leverage a token associated with a removed user role to gain unauthorized access.

Affected Software

VendorProductVersion RangeStatus

Weaknesses

  • CWE-639: Authorization Bypass Through User-Controlled Key

ADP Enrichment

CVE Program Container

Additional References

References